General

  • Target

    1312-62-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    fbddb27687955695908bd85d01e4320a

  • SHA1

    48d002115c99c261236e1fd111d5bb1b3e140e57

  • SHA256

    0824b113797dedc9e837ae87dc6e55b7577e731683470724dd91cd0b02aceaaa

  • SHA512

    b028b27aaf7d596027e01f5bf39ecc1832efa18cba35f4dcafc48390390046cab718dd947dd3c52af09e2316b95ce88eb4d20598f918be7eb553d8e2ae10d383

  • SSDEEP

    1536:ctMpEvqHEIsanj0ly+G0/nE+vBUFrlY9DZKkAMFFnwxJcrbKu5f99i5piOWB:ctMKH7/tDZvwxJ4bfRLi7wB

Malware Config

Extracted

  • Family

    snakekeylogger

  • C2

    https://api.telegram.org/bot5816308075:AAFAHgyFsBJDNSX2LHn4UAAqe1sHrGMznc4/sendMessage?chat_id=5857548246

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1312-62-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86