General
Target: e5832cd8f7599a7f4f2bba451f0bba45.exe
Size: 127KB
Sample: 230610-l3xrtsfc9y
MD5: e5832cd8f7599a7f4f2bba451f0bba45
SHA1: a48ebc12b27b204168377b344b8a1bf2ce85fe41
SHA256: 47a79a05ca373636bb5ff70d34ae5e5bc9deaf18b45d7dc55ef7bcece399d952
SHA512: 13e8c110952dd298fff04a595228f1d99c95f7ee79684f88a716d373dce172ee8b55475e6bb79cfa4355336499e3cf06d18e8c6c08676cc289d703ac8b92881f
SSDEEP: 3072:+OOYz2VWPIdSd6bhkKLitjqJ6b7s8IxwBjbXgbY:PzCJlkKLi8J6bDbQb
Behavioral task: behavioral1
Sample: e5832cd8f7599a7f4f2bba451f0bba45.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: e5832cd8f7599a7f4f2bba451f0bba45.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot6112875567:AAELAi1dztc_XKpDFEg1a1IG01250o2gxXs/sendMessage?chat_id=5687933537
Targets
Target: e5832cd8f7599a7f4f2bba451f0bba45.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.