General
-
Target
1692-61-0x0000000000920000-0x0000000000946000-memory.dmp
-
Size
152KB
-
MD5
f48419fa015d91faa563eeb8deebf4c4
-
SHA1
31e8257ccb4dddcbc9d11e0ba3d682f9ec6abb23
-
SHA256
722693f49f45474d3dbee152841fc4de63aec3ad7d6a903f7893ff2f096d69d2
-
SHA512
85c8873e99d271f1e8c07d622689a176410c1990675e4da09b31528366e25cdf5a9cfb2cd41c85764baf0f89b2e97065beea9dc0745134d5b89e3e40a0b220d6
-
SSDEEP
1536:OfDDtKMbtwY2b0P99+vBUFrlYYeakUWOtiM5GSGcBMFiNnkB02Nb/ztwYzClcqg:OfDDt3pY0Pfea3A3Nb7nGdWwB4NygbY
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: ftp- Host:
ftp://almasa.com.pe/ - Port:
21 - Username:
[email protected] - Password:
i($Ei~YKMTZY
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1692-61-0x0000000000920000-0x0000000000946000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections