General
Target: 1ad7213fc35b76e52a5278afd382c8dc.exe
Size: 456KB
Sample: 230805-lwmy2scf8t
MD5: 1ad7213fc35b76e52a5278afd382c8dc
SHA1: 4549bd31a3f09c8bc48bc763d3d2387b63bfe0b0
SHA256: 0c9d6d9180321e740f823f4a5d5d356cefdf7211d264401a6ccc61fa3cd6728f
SHA512: 09a33b0d959e832d9b6fc9c47e6f5d2642655714f63e88d2f23987c8314896b6bc7d590a1657b6deda27dc96eb081394b5d2c397d56d0b3fb8de36fc59a90b03
SSDEEP: 12288:NWHCM2K4CGcmpn4XkGtSDOidayNXODXC:n3CGv1LqPDX
Static task: static1
Behavioral task: behavioral1
Sample: 1ad7213fc35b76e52a5278afd382c8dc.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 1ad7213fc35b76e52a5278afd382c8dc.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: smtp.vivaldi.net
Port: 587
Username: [email protected]
Password: #munachimso#
Email To: [email protected]
Targets
Target: 1ad7213fc35b76e52a5278afd382c8dc.exe
Score: 10/10
Snake Keylogger payload
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext