snakekeylogger | 1648-63-0x0000000000400000-0x0000000000424000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1648-63-0x0000000000400000-0x0000000000424000-memory.dmp
Size

144KB
MD5

f4407dbf448da74da71e12e42e8588f3
SHA1

d357540ffda7cf42a487a4a1945b41292539b788
SHA256

94c25ba8d90414855d18f90c0d8d4d66675370761c8af848c35ddeaa67498b3c
SHA512

cb8ef539c09a0388e66138a0a5a0a23deaa415933df67cd54320d80146d0f96d977faa433fde72318f1f5e37076eb86cd39c6229bdb93015613c21fae48b8fab
SSDEEP

3072:2N08c9qoor2j1iDJJ9y45TUrbS6fCwB+SX:Bd1i9J9blUrbIS

Score

10^/10

snakekeylogger

Malware Config

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

1648-63-0x0000000000400000-0x0000000000424000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ