General
Target: 762caa1af324f758515800584c2ed5fa.exe
Size: 551KB
Sample: 230709-g26wwsah77
MD5: 762caa1af324f758515800584c2ed5fa
SHA1: 1fb9d04b2dd0124faab3643d743ca207c17d9ce3
SHA256: db7f70227c9ba4a6977cbd919bf9aa2f611d2557b145e5a8d7f06d184dd9d5d3
SHA512: 23317580dc9f7057f7787f12a1225651458d40c4ab3611cded86771ee88e557c76a429cf2105ab56bba397a457e8bfb706b678f777acf1bae0efa0d637d627de
SSDEEP: 12288:NzfI83QbSepCGUE+T7tRzjfeR1Ee/aOx3f:dB3QbSZ3nnvjofaOx
Static task: static1
Behavioral task: behavioral1
Sample: 762caa1af324f758515800584c2ed5fa.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 762caa1af324f758515800584c2ed5fa.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.qbangra.com
Port: 587
Username: [email protected]
Password: QBangra2020
Email To: [email protected]
Targets
Target: 762caa1af324f758515800584c2ed5fa.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext