General

  • Target

    1772-76-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    2d18c7aaf1027dee4440d252333723c8

  • SHA1

    402592ecbd6af5ccae7bb335b953520f61c07955

  • SHA256

    b412893640f06a891b78fd085e1e0a434f36508f11e2551f6e0fdf102fe4017f

  • SHA512

    0e6843929701018985862e96d002a45ad3b2c869ed1e7601cdd19b9d1fb1016ee3aac8d233d7b82700eaa2a3174b8a6d8ce93c4dcee69a08850a360b18a7fefc

  • SSDEEP

    1536:PtMpEvqHEIsanj0ly+G0/UV+vBUFrlY9kmKNpMFXBHEQNbKumdzCUpiOWB:PtMKH7/7kmXHEcbfx+wB

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot6029559841:AAEqr8_NCfqapJgAzw8PoPbqoCosnsk1VO0/sendMessage?chat_id=6033043077

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • StormKitty payload (1 IoC)
  • Stormkitty family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1772-76-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

