General

  • Target

    1220-62-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    751aa5fc5aa5cd883e7ac46e1acf46cc

  • SHA1

    7bd07c161107e59d3a5ea3bcc6ad0105cc42b499

  • SHA256

    edfcb5ffc22b80534d4d741dc90e192fcf8ec08b06d0dcabc9d8ba4889b7261b

  • SHA512

    a53445cc16bc831e9efccb3ce50d08fc55156c325ed11017eab1469fddd9ffa62201a1f4623a9c2de4999ab82e110e59e6e7281db281e3464557ddeac5e1c929

  • SSDEEP

    1536:wtMpEvqHEIsanj0ly+G0/nE+vBUFrlY9DZKkAMFFxgfPpAbKuNJtbfpyJI0piOWB:wtMKH7/tDZv2abfmJIewB

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot6221660400:AAGb-WADrhdDFxd9kxzjtg3jdDw9-uvNVlM/sendMessage?chat_id=6200392710

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • StormKitty payload (1 IoC)
  • Stormkitty family

Files

  • 1220-62-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

