General
-
Target
Quotation China.exe
-
Size
124KB
-
Sample
230929-krl1hsgh5t
-
MD5
3adcb908c47a0e9e9358430dcc0c5b55
-
SHA1
a3cc683b61c6b571d973ba51c682f48534e6d01f
-
SHA256
2623f5e2a7aa90ec2c7d11a3e60fca615a629ca352a5ccdf9d4243c46e720738
-
SHA512
a04d200902513678f86150473c223c83c2c4f84f78a34142a0e84c95b04b3ddf2f151358988971b57d0843644cc61e44ce23438314cf578d879d8099886108de
-
SSDEEP
3072:eOOYz2Yaq4T7pwMxjF9uJokbUPITDlwBT8EDbY:vzJU+okbpTE8+b
Behavioral task
behavioral1
Sample
Quotation China.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Quotation China.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot6553808600:AAEctl9z_ViEe1VbBXIi3Q8EzcyyXMP9F5g/sendMessage?chat_id=5086753017
Targets
-
-
Target
Quotation China.exe
-
Size
124KB
-
MD5
3adcb908c47a0e9e9358430dcc0c5b55
-
SHA1
a3cc683b61c6b571d973ba51c682f48534e6d01f
-
SHA256
2623f5e2a7aa90ec2c7d11a3e60fca615a629ca352a5ccdf9d4243c46e720738
-
SHA512
a04d200902513678f86150473c223c83c2c4f84f78a34142a0e84c95b04b3ddf2f151358988971b57d0843644cc61e44ce23438314cf578d879d8099886108de
-
SSDEEP
3072:eOOYz2Yaq4T7pwMxjF9uJokbUPITDlwBT8EDbY:vzJU+okbpTE8+b
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-