General
Target: b78f9dc987653121104c5eaa55ab8d4a.exe
Size: 904KB
Sample: 230806-p73enabg2s
MD5: b78f9dc987653121104c5eaa55ab8d4a
SHA1: 96bc3f89fd957faa8f99091d14ff7bb17ea8c3e5
SHA256: 5dc5d1c2c2615331ea899d3c56e681d5ae4098887efb634d23ece74a29846623
SHA512: c47c58ffdd869178e978749cde813102de7b6a83b7005125d273aa8d838fef59ace26fd02c187b759bda736e25e5030ab583985b3411c6768f9401fa23431196
SSDEEP: 12288:HZm2JnLbO9qdWCXws8r4gJpLSqs+yEiWz/gPdflvX7/x3s7aTbXh2zDibm3BJLF0:YThOag19157gCsLnblo
Static task: static1
Behavioral task: behavioral1
Sample: b78f9dc987653121104c5eaa55ab8d4a.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: b78f9dc987653121104c5eaa55ab8d4a.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: msonsgroup.in
Port: 587
Username: [email protected]
Password: speak2424@
Email To: [email protected]
Targets
Target: b78f9dc987653121104c5eaa55ab8d4a.exe
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext