General

  • Target

    560-76-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    e2b4b16cafe1d264813a72b7837aab40

  • SHA1

    273c1362f617bb4fb97312739801ba8897ab4292

  • SHA256

    de6dc407d803c556335fb99f7571406acb2585a377c158ec421055d1a4e7234c

  • SHA512

    d9f1b81d75ddcc04dec66987814fa605f8d8b076f0e2eab803794c554341dc282baf27a7f28118584d98660a457c62319d6d36ff99b519146e50542a78462f3b

  • SSDEEP

    1536:8tMpEvqHEIsang0ly+G0/nE+vBUFrlY9DZKkAMFiisK/i1I/fbKu4vh5Ev2piOWu:8tMKHE/tDZIiRUcfbfi5EvwwBlFbY

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot5861540471:AAFXCiZSJXtn5JonLHiv4xaz5kAYhSl9Ymg/sendMessage?chat_id=5010941489

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 560-76-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86
    Headers

    Sections