General

  • Target: 1880-68-0x0000000000400000-0x0000000000426000-memory.dmp
  • Size: 152KB
  • MD5: 5157ccbaada16f7f8a0104ab664d687f
  • SHA1: 12a0cf71ea31eccd62b222edf540d435679dac13
  • SHA256: 899000c4b26c771588d14b22456bd7b96a2fdf7c4bdc5bd3cac5588fc1a6a529
  • SHA512: 5949de5582bd2bade45dcc590d3831a6e94e842749657e1ef9ff1643a0ab51c7cc81fc54c401bfc168349c8776c30181e9a000a344ff07f1387666951cbb644e
  • SSDEEP: 1536:5tMpEqKKbw8U2nTZHEQnIr7bHXP/My2NOBmHbKuiQNhQIspiO5BAvI1Y:5tMK5Kc2TV47bf/L98bfVZGfB4w

Malware Config

Extracted

  • Family: snakekeylogger
  • C2: https://api.telegram.org/bot6273702310:AAGUtuDoY11m3LCVw0RgYYXqZb-1CRvB5Ok/sendMessage?chat_id=6143595836

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1880-68-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86
