General
Target: 73938a877e6150f9e2c46a84df8c1eef.exe
Size: 601KB
Sample: 230805-lwmy2scf8v
MD5: 73938a877e6150f9e2c46a84df8c1eef
SHA1: b29a8dff1e2f90620a2f1a24750e578ec38026cc
SHA256: f5f16852761bc7fdf0327d60493d3910bf40f826d42b8bd84f145d5ed659ae6b
SHA512: 91b9b7dbf61a21896562769aee8a12dc6697e048536b8de74118d710b4297758aadde5037e7c1b60876ed45721934bfc383d9f48b80fd2707e42e127d50655af
SSDEEP: 12288:cRmZ2iNuWvSv0BQLY0s5CzoTSgadrLrjEpd8:n1Akbk/s5eoTEOO
Static task: static1
Behavioral task: behavioral1
Sample: 73938a877e6150f9e2c46a84df8c1eef.exe
Resource: win7-20230712-en
Malware Config
Extracted
snakekeylogger
Protocol: ftp
Host: ftp://almasa.com.pe/
Port: 21
Username: [email protected]
Password: i($Ei~YKMTZY
Targets
Target: 73938a877e6150f9e2c46a84df8c1eef.exe
Score: 10/10
Snake Keylogger payload
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.