General

  • Target

    3928-143-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    1af99222d2de9d1386d9ff3807f78e06

  • SHA1

    7980fffdc8b0272690afe19f39356a9591cf4c4d

  • SHA256

    355bfbb681dbf2639e38107bf09413d291fac241c1a04683ff75ad6ea6b20e6b

  • SHA512

    13ae5330d108fe67c30a817dff7638ed44c2419a7d4ae449b607de29a58013497aa8e9926b5fd552912d9e99982c6d2f6611d4e099fb2a95b12348c3d4614c18

  • SSDEEP

    3072:9w1/iasc0uNi3zDmRpSb7H1mcMfBINBgbY:EiLu+eSbMONab

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.mtbooks.com.mx
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    ^QGUcHQjx3

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3928-143-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

