General

  • Target

    1448-63-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    3bc3534a865009b9f2db664c9a70e525

  • SHA1

    8a7c9eb2534ae07fd2e4b44c46adaeca6757b9c6

  • SHA256

    84a5bf6424a6ef4c13c8a2bd686e6b7f14799e0b4eccca84b388b57f4d218257

  • SHA512

    e57d829228d59f44db56a2272fae7ec42bb4ab9e06fbd5e1c6a5b7d17b9e74a14e92e566a02588dbb734db91d8b969c5ea43323bf39761db42a10a9e6b66ff73

  • SSDEEP

    1536:1tMpEvqHEIsanj0ly+G0/nE+vBUFrlY9DZKkAMFAL0HbKu1Klh7wcpiOWB:1tMKH7/tDZ5bfMY2wB

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot5843567515:AAEdtJWwcJKNn64U81CKVdG-li_Ejds8raM/sendMessage?chat_id=1639214896

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
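Two of the findings above are simple enough to reproduce outside the sandbox: the extracted config is a Telegram Bot API URL of the form `bot<id>:<token>/sendMessage?chat_id=<id>`, and the "Unsigned PE" signature only looks at whether the PE security data directory points at a certificate blob. The script below, an added example that is not part of the sandbox report or of any vendor's extractor, does both against a memory dump: it scans for the Telegram URL in both raw ASCII and UTF-16LE (Snake Keylogger is a .NET binary, whose string literals are typically UTF-16LE), and it parses the PE32/PE32+ optional header to read `IMAGE_DIRECTORY_ENTRY_SECURITY`. The regex also accepts `sendDocument`, which goes slightly beyond the single URL on the page. All names, the sample dump and the bot token are constructed for the example; the token is deliberately fake.

```python
import re
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Certificate Table data directory

# Telegram Bot API exfiltration URL, same shape as the one in the extracted config.
# Bot tokens use the alphabet [A-Za-z0-9_-]; chat_id may be negative for groups.
TELEGRAM_C2_RE = re.compile(
    rb"https?://api\.telegram\.org/bot(?P<bot_id>\d+):(?P<token>[A-Za-z0-9_-]{20,})"
    rb"/(?P<method>sendMessage|sendDocument)\?chat_id=(?P<chat_id>-?\d+)"
)


def extract_telegram_c2(blob: bytes) -> list:
    """Return Telegram bot C2 URLs found in a memory dump, with token and chat_id split out.

    .NET string literals are stored UTF-16LE, so runs of printable ASCII interleaved with
    NUL bytes are collapsed and scanned as well as the raw buffer.
    """
    candidates = [blob]
    for m in re.finditer(rb"(?:[\x20-\x7e]\x00){16,}", blob):
        candidates.append(m.group(0)[::2])  # drop the interleaved NULs
    results, seen = [], set()
    for data in candidates:
        for m in TELEGRAM_C2_RE.finditer(data):
            url = m.group(0).decode()
            if url in seen:
                continue
            seen.add(url)
            results.append({
                "url": url,
                "bot_id": m.group("bot_id").decode(),
                "token": m.group("token").decode(),
                "method": m.group("method").decode(),
                "chat_id": m.group("chat_id").decode(),
            })
    return results


def has_authenticode_signature(pe: bytes) -> bool:
    """True if the security data directory is populated (an Authenticode blob is present).

    This is a presence check only, equivalent to the sandbox's "Unsigned PE" signature;
    it does not validate the certificate chain. On a memory dump the header fields survive
    but the certificate bytes themselves are not mapped, so only the header can be checked.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not a PE file")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    opt_off = e_lfanew + 4 + 20  # skip PE signature and 20-byte COFF file header
    magic = struct.unpack_from("<H", pe, opt_off)[0]
    if magic == 0x10B:      # PE32: data directories start at optional header offset 96
        dd_off = opt_off + 96
    elif magic == 0x20B:    # PE32+: data directories start at offset 112
        dd_off = opt_off + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_rva = struct.unpack_from("<I", pe, dd_off - 4)[0]  # NumberOfRvaAndSizes
    if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    offset, size = struct.unpack_from("<II", pe, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return offset != 0 and size != 0


def build_minimal_pe32(signed: bool) -> bytes:
    """Constructed PE32 header skeleton (no sections) used to exercise the check above."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)  # i386, 224-byte opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<I", opt, 92, 16)            # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x400, 0x1000)
    return dos + b"PE\0\0" + coff + bytes(opt)


# Constructed sample dump: one ASCII copy of the URL and one UTF-16LE copy with a group chat_id.
SAMPLE_URL = (b"https://api.telegram.org/bot1234567890:AAFakeTokenForTestingOnly_abcdefghij"
              b"/sendMessage?chat_id=987654321")
SAMPLE_DUMP = (
    b"\x00" * 64
    + SAMPLE_URL + b"\x00"
    + b"garbage\xff\xfe"
    + SAMPLE_URL.replace(b"987654321", b"-100123456").decode().encode("utf-16-le")
    + b"\x00" * 32
)

if __name__ == "__main__":
    for hit in extract_telegram_c2(SAMPLE_DUMP):
        print(hit["method"], "bot", hit["bot_id"], "chat", hit["chat_id"])
    print("signed:", has_authenticode_signature(build_minimal_pe32(True)))
    print("signed:", has_authenticode_signature(build_minimal_pe32(False)))
```

To use it on the report's artifact, read `1448-63-0x0000000000400000-0x0000000000426000-memory.dmp` into `blob` and call both functions; the bot token and chat_id are the indicators worth pivoting on (the token identifies the attacker's bot across samples, and `getMe`/`getUpdates` on it are the usual follow-up checks that are out of scope here).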

Files

  • 1448-63-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86
