General
Target: fe2c051a9160b6207a186110b585a5b8.exe
Size: 609KB
Sample: 230806-p73enabf91
MD5: fe2c051a9160b6207a186110b585a5b8
SHA1: 2b8b55fc8831150639c3dd3f531dd41cbec5408c
SHA256: 96a6df07b7d331cd6fb9f97e7d3f2162e56f03b7f2b7cdad58193ac1d778e025
SHA512: b0d1dfdafcc7d9a9892b01a3ca22c2ff4ccbf9e4ed2c4567d9664210ee2f3e8bf4f7a8a229997d39189844d61b57e98d1543100bb7494c4bcf1ddf6bcbe1fdfe
SSDEEP: 12288:sJwCjrhy3QCS3hDCKzgLAq4dEBRdotb4qhObg6Qd4wlTVeoMbSn:EwCjrhy3QCSBzm44oF45H0bmO
Static task: static1
Behavioral task: behavioral1
Sample: fe2c051a9160b6207a186110b585a5b8.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: fe2c051a9160b6207a186110b585a5b8.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.privateemail.com
Port: 587
Username: [email protected]
Password: alibaba.com
Targets
Target: fe2c051a9160b6207a186110b585a5b8.exe
Score: 10/10
CustAttr .NET packer
Detects CustAttr .NET packer in memory.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext