General
-
Target
3888-140-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
43f3190063df44267c20950cd6623454
-
SHA1
a1dccea437c3837588e72b5e395c0b14c79b63c1
-
SHA256
13b24db26c2b8df641840f39b660ce8db4a8d58867cd505f6523c186f36ea1b1
-
SHA512
a152b6478f1deb483d88fdea770af62bb711fa6bc28a82bb82007e6d95d8190c5e476607618ede5fa3a7f6112ca9f1dadf8d58508553064fa5d7b1de36d4386d
-
SSDEEP
1536:/mSDC28jydkBxyiSLMFeYn69FQk0bKugnTQdpiOWByN/F0Kcl:/mSDZf+xyiS/UKFcbfgn0nwByN/FbY
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
cp5ua.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3888-140-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections