General

  • Target

    1116-119-0x0000000000350000-0x00000000009AF000-memory.dmp

  • Size

    6.4MB

  • MD5

    bb7e6986ea8ac6281392765b47ae617e

  • SHA1

    9f5bcccf9670af06f99c3c67640b9ee224f38f6e

  • SHA256

    d275bb3b89ccbb4da2991118c9c4eccf8c15ba6c7dfa3c2839915132bd54dcaf

  • SHA512

    2d5c2f4cddca282260b59c7bddad4f721c7ddf2474300c7e048f33ebd24679c225687d56f6fc89f62d738f53641af7228a0987e094e61c6eaf94e71f3e9d1dfd

  • SSDEEP

    1536:LtMpEvqHEIsan14rp7+YeIPyxPQMFLqBqhuCFWbKuTGvtSzEpiOWBW/F0Kcl:LtMKHlrYYeIPyV9qkhGbfVzuwBW/FbY

Malware Config

Extracted

  • Family

    snakekeylogger

  • C2

    https://api.telegram.org/bot6160036640:AAHqrAdmG4_GQkcLvxoups3k8WSEUC34w1g/sendMessage?chat_id=2052461776

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1116-119-0x0000000000350000-0x00000000009AF000-memory.dmp
    .exe windows x86
