General

  • Target

    1876-65-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    1d47aaf4df5c83924d0b1389912c8512

  • SHA1

    b78496ffbb5dc30ab1b676105bde357a27975d6d

  • SHA256

    f5f8b424c9739f71353192a7598c817f9c96bab0a712d1ed22549f562f259cf9

  • SHA512

    ac26df804b3d2ad022ddbe43905861d160ba1a671eea12096f5ee41e15e89ff07d6a967964c14ebb9d9b993b70ddb6d245e50e834b780a9d0d9b5790157ab20c

  • SSDEEP

    1536:ZtMpEvqHEIsanj0ly+G0/nE+vBUFrlY9DZKkAMFFHOLXheiWmbKuN29P2F1piOWB:ZtMKH7/tDZvDizbfM9P2FvwB

Malware Config

Extracted

  • Family

    snakekeylogger

  • C2

    https://api.telegram.org/bot5435719278:AAFkA_rGsUomupSCBqIPHcOBw0iPF0KuOG0/sendMessage?chat_id=5666881718

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1876-65-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86
