General
-
Target
Sus derechos.exe
-
Size
758KB
-
Sample
230328-gzrzysba9z
-
MD5
2a30a6c475cac240bfb805e9e8585179
-
SHA1
f2d2072d9f7265af4fa7da6bc0e5f58a5128c6a6
-
SHA256
2b86bdceef870318c399cae840a7a41f7d267264c8e91e96566dee5ebda4d12e
-
SHA512
344cd58f43d84c7cf50e871d5dcc772c448483aba181cf8056d1196884630b266200576c8509e683dbdc59756ab8100459aaaf79f7d9a31549dbc14391127ef3
-
SSDEEP
12288:NeUJB0OAEhRgGaBJMWp+JTwdjGB1nuJGY0eUSqroDIc07tclGK3gJhZ:NH22BW8JTCRJAVZq07tclGKGD
Static task
static1
Behavioral task
behavioral1
Sample
Sus derechos.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Sus derechos.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: smtp.cerranor.com
Port: 587
Username: clientes@cerranor.com
Password: RxrpS#f2
Email To: jacga6381@gmail.com
Targets
-
-
Target
Sus derechos.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-