General

  • Target

    2928-64-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    03e604b4c6af05b99e59f7a939a8f4fc

  • SHA1

    628c02541bead4a66b736d0d1ad5675c7930b7ab

  • SHA256

    b5524245583cf069ea205bdc939f13547c7803a033e08b05d327eed5760e8879

  • SHA512

    295cacaddd75bffd79f7c00ec5435ee5ebdc3dae93011f6bde0e05f83d5bef92c332b9a744d04c78189e0cce875b635a373b46e1a3822d521ee17045a4b14ffa

  • SSDEEP

    1536:xw1/iSBsc0QV77jPvKCi3QJW7DmrWhR9LIIWeb/z4Qz+eoYdpiO5BIN:xw1/iasc0uNi3zDm6D9M+b7tzJnfBIN

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    webmail.satnet.net
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    reve1563

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2928-64-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

