General
Target: 4589098654345SK.exe
Size: 270KB
Sample: 230602-k8fvtsbb4z
MD5: 67fc49b3cb7052507170c6d58da57e7d
SHA1: 68b373cf1c9977d53c655f5dd8246e3d4546b1b3
SHA256: 5f4d2798e71ac2cd0315a6d1ed4c5fcb51d445bdf60a574d51ca673b90172780
SHA512: ca5a20352a08d81e66db30718f507195a52e108d625ab0b0d78a0c757a587f271e17fc61988cbe1d25987bf147f0b36b44a76fda1c4d9a2dbc07ee682b334821
SSDEEP: 6144:PYa6sVyBOAJdgdGJ2xoxxOSmqu8G+UCYKZBYeGqZYjVNDm2TcVkUBm:PYW2OEleBsu8QCYKjCq6jVNDmpS
Static task: static1
Behavioral task: behavioral1
Sample: 4589098654345SK.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 4589098654345SK.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: 4589098654345SK.exe
Score: 10/10
Snake Keylogger payload
Loads dropped DLL
Accesses Microsoft Outlook profiles
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext