General
Target: f1a4fd0ba166dd905af0029c7f759f23c52481e050fa067d4a8ac6866d71090d
Size: 284KB
Sample: 230328-g834kshd44
MD5: 3d5458f26b59708a5d0da5567189aa41
SHA1: 826bcb30b6bb04c549caf271b447710b015e316f
SHA256: f1a4fd0ba166dd905af0029c7f759f23c52481e050fa067d4a8ac6866d71090d
SHA512: 205741a7c70a90bdaf955c083d65a54776fa62b1af6714ecd902a0c5f9b3fbc804675d96e582b35990b18f5b22ac78d3e050ac2496b8d4512a350b8cbb9dd465
SSDEEP: 6144:vYa6clQizg+ll2N9cdRVmBuYiqOhhePDmRq3KvFAq+q9Wi:vYa9DlUcdFqOhAPa3A1q9Wi
Static task: static1
Behavioral task: behavioral1
Sample: f1a4fd0ba166dd905af0029c7f759f23c52481e050fa067d4a8ac6866d71090d.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Score: 10/10
- Snake Keylogger payload
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext