General
-
Target
SHG0987654345780065FATU.exe
-
Size
257KB
-
Sample
230807-qjcprsfd69
-
MD5
a70aa9db141cac25a0ec2699e64d6e3b
-
SHA1
fdbeeab2fb8314c22c5bb88aa4811b2ece092bee
-
SHA256
ddc7d24e5b1c79a929518d52c3e769a434ad770c7282aa4e1c23ed78bad5a439
-
SHA512
da44e6de29509415d7c7bb05206e3a2c79bd8ba7f7c48c78e9ba7452ffba60f1fd2573b1e81fde82fa250b0f1d3c8c4e4be79a27964feaaed1d197392c661c86
-
SSDEEP
6144:gYa6NEVDjMetLU9CRnnnJoXwxptNsej3QHomCPJP31fHg5LXrRekMa:gY/6T4cnJogxptNH6qZFfAVlekMa
Static task
static1
Behavioral task
behavioral1
Sample
SHG0987654345780065FATU.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
SHG0987654345780065FATU.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
SHG0987654345780065FATU.exe
-
Score
10/10
-
Snake Keylogger payload
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-