General

  • Target

    1528-131-0x0000000000440000-0x0000000000A42000-memory.dmp

  • Size

    6.0MB

  • MD5

    3634effb7d41339b22a73bd2ab748c46

  • SHA1

    44550fd9c410e87bc48f014579e6ed86ab5d7b0f

  • SHA256

    0fc485be98ec9a449acc0ed6c663ba1cb99565caed895774ff448c18207cdb55

  • SHA512

    ecabdd7914487d2201ca4d03bc07d53f9fb36cfc9e1f7b1a4fc929caaaef98922dce3f243d6eed080645c2bcfdc4b27212e25a8d514b11d20c18530d644c88c3

  • SSDEEP

    1536:gtMpEvqHEIsanS4rp7+YeIPyxPQMFkIiAWbKupIaQPbtKSOpiOWBWMF0Kcl:gtMKHUrYYeIPyVNiBbfWPblYwBWMFbY

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot5928295303:AAGuNoBPUTvSleTT4FySvjzDqvqzDvvy0hE/sendMessage?chat_id=5884533010
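
The C2 above is a Telegram Bot API call: everything between "bot" and the next "/" is the bot token (bot id, colon, secret), the path component after it is the API method, and chat_id names the attacker's chat. The full token is a live credential for that bot, so treat it as sensitive; the bot id and chat_id are the fields to correlate across samples. The scanner below is an added example, not the sandbox's own extractor: it pulls such URLs out of a raw dump in both ASCII and UTF-16LE (the encoding .NET keeps its strings in) and splits them into those fields. The DUMP it runs on is constructed here, and its token and chat_id are placeholders, not the values in this report.

```python
"""Pull Telegram Bot API C2 indicators out of a raw memory dump.

Added example, not part of the sandbox report. The DUMP at the bottom is
constructed for this example; its bot token and chat_id are placeholders.
"""
import re
from urllib.parse import parse_qs, urlsplit

# https://api.telegram.org/bot<bot_id>:<secret>/<method>?chat_id=<id>
# Bot secrets seen in the wild are 35 chars of [A-Za-z0-9_-]; the range is
# kept a little loose here (assumption) so a changed token length is not missed.
TELEGRAM_BOT_RE = re.compile(
    r"https?://api\.telegram\.org/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{32,48})"
    r"/(?P<method>[A-Za-z]+)(?P<query>\?[^\s\"'<>]*)?"
)

# Printable runs, like `strings` and `strings -el`. Strings in process memory
# are NUL-terminated, so a run ends where the URL ends.
ASCII_RUN_RE = re.compile(rb"[\x20-\x7e]{8,}")
WIDE_RUN_RE = re.compile(rb"(?:[\x20-\x7e]\x00){8,}")


def iter_strings(dump: bytes):
    """Yield (encoding, byte_offset, text) for printable ASCII and UTF-16LE runs."""
    for m in ASCII_RUN_RE.finditer(dump):
        yield "ascii", m.start(), m.group().decode("ascii")
    for m in WIDE_RUN_RE.finditer(dump):
        yield "utf-16le", m.start(), m.group().decode("utf-16le")


def extract_telegram_c2(dump: bytes) -> list:
    """Return one record per Telegram Bot API URL found in the dump, by offset."""
    hits = []
    for encoding, offset, text in iter_strings(dump):
        width = 2 if encoding == "utf-16le" else 1
        for m in TELEGRAM_BOT_RE.finditer(text):
            query = parse_qs(urlsplit(m.group(0)).query)
            hits.append({
                "offset": offset + m.start() * width,  # byte offset in the dump
                "encoding": encoding,
                "bot_id": m["bot_id"],
                "secret": m["secret"],
                "method": m["method"],
                "chat_id": query.get("chat_id", [None])[0],
                "url": m.group(0),
            })
    return sorted(hits, key=lambda h: h["offset"])


def redact_token(bot_id: str, secret: str) -> str:
    """Shareable form of the token: the bot id stays (it is the pivot), the
    secret is cut to its first four characters. Whoever holds the full secret
    controls the bot, so it should not travel in a report or ticket."""
    return f"{bot_id}:{secret[:4]}{'*' * (len(secret) - 4)}"


# Constructed sample dump: an ASCII URL, a UTF-16LE URL and a decoy string.
SAMPLE_TOKEN = "1234567890:AAHfakeFAKEfakeFAKEfakeFAKEfake0123"   # placeholder
SAMPLE_URL = f"https://api.telegram.org/bot{SAMPLE_TOKEN}/sendMessage?chat_id=1111111111"
WIDE_URL = f"https://api.telegram.org/bot{SAMPLE_TOKEN}/sendDocument?chat_id=1111111111"
DUMP = (
    b"MZ\x90\x00" + b"\x00" * 60 + b"PE\x00\x00" + b"\x00" * 16
    + SAMPLE_URL.encode("ascii") + b"\x00" + b"\x00" * 8
    + WIDE_URL.encode("utf-16le") + b"\x00\x00"
    + b"https://api.telegram.org/not-a-bot-url\x00" + b"\x00" * 8
)

if __name__ == "__main__":
    for hit in extract_telegram_c2(DUMP):
        print(hit["offset"], hit["encoding"], redact_token(hit["bot_id"], hit["secret"]),
              hit["method"], hit["chat_id"])
```

Run it against the real dump by replacing DUMP with the file's bytes (open(path, "rb").read()); records sort by byte offset, which is what you need to tie a hit back to the region named in the dump filename.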

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
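
The "Unsigned PE" signature is a header check, not a cryptographic one: Authenticode data is referenced from the IMAGE_DIRECTORY_ENTRY_SECURITY entry (index 4) of the optional header's data directories, whose VirtualAddress is a raw file offset to a WIN_CERTIFICATE table rather than an RVA, and an unsigned file has both fields zero. Because the certificate table lives outside every section it is never mapped, so a dump of a mapped image keeps the directory entry but not the table. The following stdlib-only Python is an added example, not the sandbox's own logic; it reads that entry for PE32 and PE32+, distinguishes the memory-dump case, and runs on PE headers constructed inside the block. A present table is still only "present": verification of the signature chain is a separate step (signtool, osslsigncode).

```python
"""Reproduce the "Unsigned PE" check: is an Authenticode signature present?

Added example, not the sandbox's own logic. The PE images at the bottom are
constructed here as test input.
"""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
WIN_CERT_REVISIONS = (0x0100, 0x0200)
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(pe: bytes) -> tuple:
    """Return (file_offset, size) of the security directory, (0, 0) if absent."""
    if pe[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    size_of_opt = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == PE32_MAGIC:          # 32-bit, as the x86 image in the report
        num_rva_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:    # 64-bit: ImageBase and stack/heap fields are wider
        num_rva_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    num_rva = struct.unpack_from("<I", pe, num_rva_off)[0]
    if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)                # directory table too short to hold the entry
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > opt + size_of_opt:
        raise ValueError("data directory runs past the optional header")
    return struct.unpack_from("<II", pe, entry)


def authenticode_status(pe: bytes) -> str:
    """Classify without verifying: 'unsigned', 'signature-present',
    'signature-not-in-image' (entry set but table missing, the memory-dump
    case) or 'malformed-certificate-table'."""
    off, size = security_directory(pe)
    if off == 0 or size == 0:
        return "unsigned"
    if off + size > len(pe):
        return "signature-not-in-image"
    if size < 8:
        return "malformed-certificate-table"
    length, revision, cert_type = struct.unpack_from("<IHH", pe, off)  # WIN_CERTIFICATE header
    if length > size or revision not in WIN_CERT_REVISIONS or cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA:
        return "malformed-certificate-table"
    return "signature-present"


def build_pe32(security=(0, 0), trailer: bytes = b"") -> bytes:
    """Constructed minimal PE32: DOS header, PE signature, COFF header, optional
    header with 16 data directories, then `trailer` (a fake certificate table)."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\x00")
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 224-byte optional header
    opt = struct.pack("<H", PE32_MAGIC) + b"\x00" * 90 + struct.pack("<I", 16)  # NumberOfRvaAndSizes = 16
    dirs = b"".join(
        struct.pack("<II", *(security if i == IMAGE_DIRECTORY_ENTRY_SECURITY else (0, 0)))
        for i in range(16)
    )
    return dos + b"PE\x00\x00" + coff + opt + dirs + trailer


HEADER_SIZE = 0x80 + 4 + 20 + 224   # 376 bytes: where the trailer lands
FAKE_CERT = struct.pack("<IHH", 24, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\x00" * 16
UNSIGNED_PE = build_pe32()
SIGNED_PE = build_pe32(security=(HEADER_SIZE, len(FAKE_CERT)), trailer=FAKE_CERT)
DUMPED_PE = build_pe32(security=(HEADER_SIZE, len(FAKE_CERT)))   # entry kept, table not mapped

if __name__ == "__main__":
    for name, pe in (("unsigned", UNSIGNED_PE), ("signed", SIGNED_PE), ("dumped", DUMPED_PE)):
        print(name, security_directory(pe), authenticode_status(pe))
```

On a region dump like the one in this report, "signature-not-in-image" is the expected answer for a file that was signed on disk, and "unsigned" for one that never was; only the original file on disk can give "signature-present", and only a verifier can say whether that signature is valid.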

Files

  • 1528-131-0x0000000000440000-0x0000000000A42000-memory.dmp
    .exe windows x86

