General

  • Target: 1488-63-0x0000000000400000-0x0000000000426000-memory.dmp
  • Size: 152KB
  • MD5: 761049d0b9637a30dc120639216da9e2
  • SHA1: c16198bb795f117172c014f219f6cc9a99d7f939
  • SHA256: 0c42a3102740c5fee09d7399240b8da22b168db42d171da12dcee610e5b97c10
  • SHA512: aba8c0135e96a1e0025a4a73002c48c5debb346e9b6ecb43540cf5f14e95f3e7f2b0641cc1fbdf6df5852681617c3ba6cf9e446db8c4ce744291c632642ab685
  • SSDEEP: 1536:2tMpEvqHEIsan14rp7+YeIPyxPQMFL5FUx7Lqa+6ibKuUDUhmrPnpiOWBW:2tMKHlrYYeIPyV95mZqa+dbfYpwBW

Malware Config

Extracted

  • Family: snakekeylogger
  • C2: https://api.telegram.org/bot1184434303:AAFeNNVI4VWtGfD8meVCo4D2rV2sUW_5yMQ/sendMessage?chat_id=1054969340

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs
    Checks for missing Authenticode signature.

Files

  • 1488-63-0x0000000000400000-0x0000000000426000-memory.dmp (.exe, windows, x86)