General
-
Target
1912-82-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
375a0dee1319ae7dd451319bc4d362af
-
SHA1
d82e686327f3ac421693a26a8ff35eb95b3c5c44
-
SHA256
8ebfa4563fbeb965abddadf4bac3021ce6305ef08915b26b0355a10c44a55eca
-
SHA512
a543ec4609d54b1a59522ee433383fb6afc793f0a75ed0aec2ab5a45269563765a339d7842507b7167fcdf24ae59dc66a4a36b3a0b70dc778262c8d8ca9cabf9
-
SSDEEP
3072:MFDuQEtnIchqWOzbbfGuhImqpwBjrFbY:hQANO/bjhPb
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
cp5ua.hyperhost.ua - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@#$ - Email To:
[email protected]
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1912-82-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections