General
-
Target
668-63-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
b2bcf77a73ae2f7cfad7b7ddddf793a5
-
SHA1
ef58878131b68361271f35c142afbd82e4ce5bd5
-
SHA256
50aeb585b2f0621ff11f82838eb701ea24fde30d37ba0420a062915fb20ca408
-
SHA512
ff11b59a0d152ba504f22b203162baab863f84be60e936b469c92d927ef18d92f5656551dd3d64e45447a3b24c0cefb8b26a789b2b309c13204beddeec1d7ed4
-
SSDEEP
1536:/mSDC28jydkBxyiSLMFeYn69FQk0bKugnTQdpiOWByN:/mSDZf+xyiS/UKFcbfgn0nwByN
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
cp5ua.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
668-63-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections