General

  • Target

    c6420a8447c3f86b047b16a83e1e63b4.bin

  • Size

    48KB

  • MD5

    493b521700cadb9816c6ce84812b6eed

  • SHA1

    8710f4e105bd67c638c7cb6aec024f907f13e86e

  • SHA256

    ef04842cae9f303300389e72beab465a7f7fd7af7b158d6c88623d1bb5f5baef

  • SHA512

    b913892e34734ee891a4ad4aa1b210c9d959121199ce69c1c2a42a2c0a569c951e0909da0b970fbc5f5fc15c0406473315ddf3db3a038b2d2303f5d97108a7ee

  • SSDEEP

    1536:EbrXsZVkGhzT9cN3h0NzRFknUfMaedfeS3mL:HZuicRhezknxpfzw

Malware Config

Extracted

Family

snakekeylogger

Credentials

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • StormKitty payload (1 IoC)
  • Stormkitty family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • c6420a8447c3f86b047b16a83e1e63b4.bin
    .zip

    Password: infected

  • 8a49431fd4fd9885e25e9cebac5d65cc87d4de950165b5935c9faa642d28b812.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

