General
-
Target
SKM90882023.exe
-
Size
938KB
-
Sample
230512-g26acsca73
-
MD5
0d0bedb51ff0892dd404bb734697b7c5
-
SHA1
8f86ae0ba8a146c1f752b5a852f1a8b244178fbc
-
SHA256
3b16426b7fffcd105a82ef228ea3abda230fe89dfb1c4be3ba57c3573da56831
-
SHA512
303730a5b90f45a4f7e0777f5a3dbfa4be6ce3ab16ff02571751c335a8c1faea0b1bc68d556e3303ae3594a7d7e7ca47ecef9f32d106858f8b8bf76768ce8eac
-
SSDEEP
24576:+whh2UGpldavC4dgiqbZQOrXwLfaJKd0aQNN+Fh/X:g+q4XqVtXhwdONN+FZ
Static task
static1
Behavioral task
behavioral1
Sample
SKM90882023.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SKM90882023.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
SKM90882023.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-