General

  • Target

    1536-75-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    7f0fdd8c4b711a3cf09e515e9967beff

  • SHA1

    a0ee5ca03868e3eb4a63a97c28c9f6633a0c6b30

  • SHA256

    63ba5734b263574f3554cd6ff1659495aa3812f7cd339ac41fdb7163cbe928c1

  • SHA512

    a0b9bae43741beec4a374fca52b0efa2f11ec8477ca25edd1f200cef171107e61d65dff745621da681aff234369c07d6d7c06aa8d18519f0642e3c1d880c811d

  • SSDEEP

    1536:/tMpEvqHEIsang0ly+G0/UV+vBUFrlY9kmKNpMFamNAyDt3ZbKuFoA54UpiOWB:/tMKHE/7km4mqyDbbfSAC+wB

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot6029559841:AAEqr8_NCfqapJgAzw8PoPbqoCosnsk1VO0/sendMessage?chat_id=6033043077

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1536-75-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86