General

  • Target

    aca804d5d77bd73228eaa44a95402330.bin.bin

  • Size

    45KB

  • MD5

    61750b35ea44eb02a38946bb52546c2a

  • SHA1

    ba9264a81f44041d06db0fba3686c5135dc6af13

  • SHA256

    ed7fabb5a01f0218941097d10f025f7d6e0881c4a432223601440be8b8397e4a

  • SHA512

    e4d02bcff5be282b923362231b22ceece5e146d6c4490322adbf93d6b6d087f1728996af7f4db5c93f3de65c888cb2b93194fc881b65e420e83ad3751aff6eaf

  • SSDEEP

    768:FRTRBLN5J6L2JeAHhaF9JC99sABYO5nKuJ2N2GbpcvAIq0mB6VqZqpyFm9LlI8M1:FdRBp5gVABaF9EHZ7xKuJIlVcvAIJmJ9

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    valleycountysar.org
  • Port:
    26
  • Username:
    [email protected]
  • Password:
    }eQA)VL2!$V}

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • aca804d5d77bd73228eaa44a95402330.bin.bin
    .zip

    Password: infected

  • 42a1b13fcfeac3b9171c33a5f5d5cd202e022653fd40a3d77ec0ecffbdb25805.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

