General
-
Target
1164-63-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
affc5f80a30fd7e1f649b4f29a3029c5
-
SHA1
9a9f973ca92feac474ec7fe986a3935170cdf3f4
-
SHA256
545a3ba22888a3ff4a5bc7a61aef64f4482a6c8baa463238c1314207fc804a44
-
SHA512
55ebd20264c6b5353ed62b9a2aa6c3156bef57e88768f4fd2503894e3b3afd8872ba4f995a1b3909fe9f4423c9a6de0478395299016cc9837dd8e27882fafce9
-
SSDEEP
1536:AdrrvcWolFWmkP0isZCNDMF2xXU5ghIbKuKOwF2axpiOWByN:AdrrE3qmXisZCN5FU5gebfoPjwByN
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
cp5ua.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1164-63-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections