General
-
Target
b7be42fecf7ad7b08c42cd4a166885bc.bin
-
Size
44KB
-
MD5
b484b441b306f128b4ffb48588681021
-
SHA1
a7ca6a0ea771eb43e81e5baa6706b27838024c04
-
SHA256
985a43de6386830678fa9b01cb9f74002d20755d0e04d96fdfcb1ae3f71deeb5
-
SHA512
c20eb9b9ac08488bd1a815432dc4d9f407724d15677eff07ddd756211aa5491bd5c2b87251174b47843faaad2307e16c5ae19d2b036866ea21576291ca197196
-
SSDEEP
768:Y36PnyJ2wC6vaMV+c+etAEaxIHCeG9m/1ajdLetTIhisFc3lSyauW9KkrZLU+WOu:Y36P4HvaM8c+OAEaOHCeG9AEjdST+Dcb
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
mail.rampelloelectricidad.com - Port:
587 - Username:
[email protected] - Password:
raulruben55 - Email To:
[email protected]
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b7be42fecf7ad7b08c42cd4a166885bc.bin
Password: infected
-
e25a323d5a0785d9e69188f5a57d68939cdee4fd1b75586739a5d899abe19e54.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections