General

  • Target

    1320-127-0x00000000002D0000-0x00000000008E4000-memory.dmp

  • Size

    6.1MB

  • MD5

    52fc880165ae29ee3bdb4b5091a7c07d

  • SHA1

    93cabc47da4ace59a90cc515c0441bdc0e2e2ce6

  • SHA256

    e022a5c03c4a6367acc8d1f1709cc8833cb7182ebbf701b905c128c0d311df96

  • SHA512

    879735dfbde6ae12de5d7403bc78cb60eb55722b0670c83a23b218f91c09d6a924d122568ff2f47747631524bcf97d46ff32cfe217927391bef6acab7d131237

  • SSDEEP

    1536:5tMpEvqHEIsanS4rp7+YeIPyxPQMFkIiAWbKupIaQPbtKSOpiOWBWfF0Kcl:5tMKHUrYYeIPyVNiBbfWPblYwBWfFbY

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot5928295303:AAGuNoBPUTvSleTT4FySvjzDqvqzDvvy0hE/sendMessage?chat_id=5884533010

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1320-127-0x00000000002D0000-0x00000000008E4000-memory.dmp
    .exe windows x86
