General

  • Target

    1504-63-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    7f8f5a9d36b2500c050aea4f3c2a0727

  • SHA1

    67d41fe95729d13d8a814e291784c97bee2c8e5f

  • SHA256

    a61bcaa8ced100282c1ae245211bec2d96dfa4e4027f8f639472c00fdbadefa0

  • SHA512

    72dff070ca206c89117c0f97ff0f99f19b4a6f3a029d36753a26caf4e26a21ddde8bb762e9298dbd08fff6ad2e516abb777364152fd2293ddf64c3e67a3fec56

  • SSDEEP

    1536:6YxQA26PLQVJMJZjaf+vBUFrlYYm0kRAItMK+o8OaMF/7JGkOsUCBGb/UHhKgwHh:6YxQODXZjem08jwCYb8BKgwtAwBI2

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.vegalogistics-pl.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    dZDvZi%z%8

C2

https://api.telegram.org/bot5816458649:AAFS1obzDKYH_QeQC_kvYxhd80vhKb3q6Vs/sendMessage?chat_id=5586449047

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family

Files

  • 1504-63-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

