General

  • Target

    652-64-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    25c8963379d6a3f0ab686e35ef7204b4

  • SHA1

    226efd42dd1457a4bcc0a442544563806586b977

  • SHA256

    3f8c559ab957967967052c762604b3a6f509742a395046809c5d565897b49a7c

  • SHA512

    f286636845234d3da79f6435bbde75745ea37b2b33bc8ccbba05611f5c3bcb9b8a1b18f015f096d82c9d4c7b123f1f236c1b89ecfda8513b24b7fbd2be3f5d41

  • SSDEEP

    3072:2tMKHlrYYeIPyV95mZqa+dbfYpwBW4FbY:0Ogs/mUbVb

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot1184434303:AAFeNNVI4VWtGfD8meVCo4D2rV2sUW_5yMQ/sendMessage?chat_id=1054969340

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • StormKitty payload (1 IoC)
  • Stormkitty family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 652-64-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

