General

  • Target

    1724-70-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    d3af500171f51238bab2ba68ff982225

  • SHA1

    79fa56d18000fbf9b32cd901c9ae7bccc2053545

  • SHA256

    1a72ddfff6ca70e56c2345d96554d2dd2e4ba1611b18eca7d3cf6050d92368c9

  • SHA512

    0d56e6ea51ca9928b6fc93b5a894e9baea144661462e0d7f1fc4889604e67f9d5b375a06d7e7a23bb5fdb5103a72d110c72377788ec0265245e70c2b6d248f7d

  • SSDEEP

    1536:OtMpEvqHEIsan14rp7+YeIPyxPQMFR4OkfbKuq6Y4Vs0VpiOWBW:OtMKHlrYYeIPyVbhqbflY47PwBW

Malware Config (Extracted)

  • Family

    snakekeylogger

  • C2

    https://api.telegram.org/bot2106150449:AAHIwsHmr23aQkTnyeD_XA0cTAX8yk2mXFM/sendMessage?chat_id=1990813371
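
The C2 above is a Telegram Bot API call rather than a server the operator runs: the path carries the bot token (numeric bot id, a colon, then the secret), the method is sendMessage, and chat_id in the query names the destination chat, so the token itself is the credential to block and report. The Python below is an added example, not part of this report or of any sandbox's code, that recovers such endpoints from a raw dump and splits them into IoCs. The dump bytes are constructed inline around the URL from this report; the scan decodes both ASCII and UTF-16LE at both byte alignments, since .NET stealers such as Snake Keylogger keep string literals in UTF-16LE.

```python
"""Recover Telegram Bot API C2 endpoints from a raw memory dump and split them into IoCs.

Added example; not part of the sandbox report and not code from the sample.
"""
import re
from dataclasses import dataclass
from typing import Iterator, List, Optional
from urllib.parse import parse_qs, urlsplit

# Telegram Bot API call: /bot<numeric id>:<secret>/<method>?<query>. The query is
# captured up to the first non-printable or whitespace character (a NUL terminator
# in a dump), so the full URL survives even when chat_id is not the first parameter.
TELEGRAM_API_RE = re.compile(
    r"https?://api\.telegram\.org/bot(\d+):([A-Za-z0-9_-]+)/([A-Za-z]+)(?:\?[!-~]*)?"
)


@dataclass(frozen=True)
class TelegramC2:
    url: str
    bot_id: str
    token: str            # "<id>:<secret>", the credential to block and report
    method: str           # sendMessage vs sendDocument tells you what is exfiltrated
    chat_id: Optional[str]


def _text_views(dump: bytes) -> Iterator[str]:
    """Decode the dump as ASCII (latin-1 keeps every byte) and as UTF-16LE at both
    byte alignments, which is how .NET stores string literals in memory."""
    yield dump.decode("latin-1")
    yield dump.decode("utf-16-le", errors="ignore")
    yield dump[1:].decode("utf-16-le", errors="ignore")


def extract_telegram_c2(dump: bytes) -> List[TelegramC2]:
    """Return every distinct Telegram Bot API URL found in any decoding of the dump."""
    found = {}
    for view in _text_views(dump):
        for m in TELEGRAM_API_RE.finditer(view):
            url = m.group(0)
            if url in found:
                continue
            query = parse_qs(urlsplit(url).query)
            found[url] = TelegramC2(
                url=url,
                bot_id=m.group(1),
                token=f"{m.group(1)}:{m.group(2)}",
                method=m.group(3),
                chat_id=query.get("chat_id", [None])[0],
            )
    return list(found.values())


# The C2 recovered from the sample in the report above.
SAMPLE_URL = (
    "https://api.telegram.org/bot2106150449:AAHIwsHmr23aQkTnyeD_XA0cTAX8yk2mXFM"
    "/sendMessage?chat_id=1990813371"
)

# Constructed stand-in for the .dmp (not real dump contents): the URL stored as a
# UTF-16LE string at an odd byte offset, filler bytes, and an unrelated ASCII URL.
SAMPLE_DUMP = (
    b"MZ\x90\x00" + b"\x00" * 16 + b"\xcc" * 33
    + SAMPLE_URL.encode("utf-16-le") + b"\x00\x00"
    + b"https://example.invalid/not-c2" + b"\x00" * 8
)

if __name__ == "__main__":
    for hit in extract_telegram_c2(SAMPLE_DUMP):
        print(f"bot {hit.bot_id} -> chat {hit.chat_id} via {hit.method}; token {hit.token}")
```

The odd offset in the constructed dump is deliberate: only the `dump[1:]` view decodes the string, which is the case a naive even-aligned UTF-16 scan misses.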

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
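
The Unsigned PE signature reports only that the IMAGE_DIRECTORY_ENTRY_SECURITY data directory is empty; a populated entry means a certificate table exists, not that the signature verifies. The Python below is an added example, not from this report or any sandbox, of that check run against minimal PE32 images constructed inline (it also handles PE32+ headers, though the file above is x86). The WIN_CERTIFICATE payload is a placeholder, not a real PKCS#7 blob. It also shows the caveat for a memory dump like the one above: the certificate table is file overlay data the loader never maps, so a dump of a signed binary can declare a table whose bytes are not in the image.

```python
"""Check whether a PE carries an Authenticode certificate table.

Added example; not part of the sandbox report. The PE images below are constructed
inline and the certificate payload is a placeholder, not a real PKCS#7 signature.
"""
import struct
from typing import Tuple

IMAGE_DIRECTORY_ENTRY_SECURITY = 4     # data directory index of the certificate table
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(image: bytes) -> Tuple[int, int]:
    """Return (offset, size) of IMAGE_DIRECTORY_ENTRY_SECURITY. Unlike other
    directories its first field is a file offset, not an RVA. (0, 0) means unsigned."""
    if image[:2] != b"MZ":
        raise ValueError("no MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    (size_of_optional,) = struct.unpack_from("<H", image, coff + 16)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic == PE32_MAGIC:
        count_off, dirs_off = 92, 96       # NumberOfRvaAndSizes, first IMAGE_DATA_DIRECTORY
    elif magic == PE32PLUS_MAGIC:
        count_off, dirs_off = 108, 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (count,) = struct.unpack_from("<I", image, opt + count_off)
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    # A directory table too short to hold entry 4 has no certificate table at all.
    if count <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > size_of_optional:
        return (0, 0)
    offset, size = struct.unpack_from("<II", image, opt + entry)
    return (offset, size)


def describe_signature(image: bytes) -> str:
    """What the 'Unsigned PE' check sees, plus the memory-dump caveat: the certificate
    table lives after the sections and is never mapped, so a dump of a signed binary
    declares a table whose bytes are not in the image."""
    offset, size = security_directory(image)
    if size == 0:
        return "unsigned"
    if offset + size > len(image):
        return "certificate table declared but not present in image"
    length, revision, cert_type = struct.unpack_from("<IHH", image, offset)
    return f"WIN_CERTIFICATE revision={revision:#x} type={cert_type:#x} length={length}"


def build_pe32(cert: bytes = b"") -> bytes:
    """Minimal PE32 (i386, no sections) with an optional certificate table appended."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                          # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, SizeOfOptionalHeader=224
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    headers_len = len(dos) + 4 + len(coff) + len(opt)
    if cert:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, headers_len, len(cert))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + cert


def win_certificate(pkcs7: bytes) -> bytes:
    """WIN_CERTIFICATE: dwLength (includes this 8-byte header), wRevision, wCertificateType."""
    return struct.pack("<IHH", 8 + len(pkcs7), WIN_CERT_REVISION_2_0, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + pkcs7


UNSIGNED_PE = build_pe32()
SIGNED_PE = build_pe32(win_certificate(b"\x00" * 16))   # placeholder PKCS#7 bytes, constructed
# A "memory dump" of the signed binary: mapped headers only, overlay cut off.
DUMPED_SIGNED_PE = SIGNED_PE[:len(UNSIGNED_PE)]

if __name__ == "__main__":
    for name, img in [("unsigned", UNSIGNED_PE), ("signed", SIGNED_PE), ("dumped", DUMPED_SIGNED_PE)]:
        print(f"{name:8s} {describe_signature(img)}")
```

Treat the third outcome as "presence unknown" when triaging a dump: to actually verify a signature you need the original file, not the dumped image region.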

Files

  • 1724-70-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86
