General

  • Target

    1412-63-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    b0430cf7d74691d9652fefc7d4ea5ec8

  • SHA1

    17b5b45f1ee33720e2f2af49ad2cc5ab4a00dfa1

  • SHA256

    14cd331693da0beb2129e40274f6a0cd34f4287acd8d453e51b8e02a9f3cd6a4

  • SHA512

    9aedb8a6c8a173d1cd29ab8084878ff6b3a01c87ab6e6068d0cbad358d3246c5d0b3e9606e88be936dca0228aefa260425ce31e7b045e84bde32eb3cdcab427c

  • SSDEEP

    1536:atMpEvqHEIsanj0ly+G0/nE+vBUFrlY9DZKkAMFF71qB3Mb2qEvtebKu1vYfDLEU:atMKH7/tDZv0eBEgbfdYfuwB

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot6184373842:AAEi4_K3dZEhdl4S0W6iImdyZ5yqJ6dp-1E/sendMessage?chat_id=5069697890

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1412-63-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86