General
-
Target
1968-60-0x00000000006C0000-0x00000000006E6000-memory.dmp
-
Size
152KB
-
MD5
bef752a91926bbbbcf96f029e99c2d3b
-
SHA1
969add236a4080f13bf1a8f8df4d7e9437873f33
-
SHA256
84f525e6a500b1ad0be0aba963a725240a820518521601de923f165a782b4026
-
SHA512
d0eff1981a045ca586620bda772625cf10aa5467026d2d7eec7c1cd21c09e642f03f4c7ce93ae737e8ebb5a3e3ab1a7802fd63a2579122d33fbb54f442435b1b
-
SSDEEP
1536:PfDDtKMbewY2b0P99+vBUFrlYYeakUWOtiM5GSGcBMFqKS3f6Nb/zA+UubDpiOWb:PfDDt3aY0PfeaXKo6Nb7VtwB4NOgbY
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: ftp- Host:
ftp://peruglobo.com/ - Port:
21 - Username:
[email protected] - Password:
YSw&oCV&c23w
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1968-60-0x00000000006C0000-0x00000000006E6000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections