General
Target: b96706157a1d93dda7d037753161f1f0.exe
Size: 128KB
Sample: 230505-xwt8xaae81
MD5: b96706157a1d93dda7d037753161f1f0
SHA1: 1ec4e8dbec4c4d593de40c8a3fbc7ab819894c59
SHA256: 379e369213c375ca8d627d44578fb2bac555cc650b20bb24850344ebe3df51d3
SHA512: 6bb26ebc98f53b028e557254f46eab4248092619a980b3ff71c68958aa44f0fa6dc37ba325f4a635a2a8bef9b26980520c929c3e1c4e65ebb985ac76173ed410
SSDEEP: 1536:FJR6g1Z2Mx7km4THQ6822uS9tAnRpzvevwWRcIbKuJXbMf9piO5BKDF0Kcl:FJR6rIQ23AnRpzC5RnbfqfHfBKDFbY
Behavioral task: behavioral1
Sample: b96706157a1d93dda7d037753161f1f0.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: b96706157a1d93dda7d037753161f1f0.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.condominioaocubo.pt
Port: 587
Username: [email protected]
Password: Qualidade.c3.2018
Email To: [email protected]
Extracted
Protocol: smtp
Host: mail.condominioaocubo.pt
Port: 587
Username: [email protected]
Password: Qualidade.c3.2018
Targets
Target: b96706157a1d93dda7d037753161f1f0.exe
- Snake Keylogger payload
- StormKitty payload
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.