General
-
Target
432-63-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
2ebf23a070ffcd8594810416b44bc76b
-
SHA1
f5bd72a2b542a466c10a1f36eaab25a4f428e108
-
SHA256
f1e469746860f0bfb168ef5828c61b644e9fece9e056bd02de88e533afeb6071
-
SHA512
d809672ff652a743acb0d7ff66e55053cd8536400572f9cf5e5830420da528182d4037fc92ebfac4f7eef9dd9523285e901eab7f5459afda1a263cda3d14f924
-
SSDEEP
1536:t1JRGP0ssFZ22nrLvgr3HOfEd/1E3bskZ4ItVkrkz2tPb/UIiD8piOWBO:t1JM8sKnnvgr3HmDqksPb8NDWwBO
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
cp5ua.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
C2
https://api.telegram.org/bot5321688653:AAEI2yqGrOA_-sRZ3xaqutrexraSgFa0AnA/sendMessage?chat_id=5048077662
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
432-63-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections