General
-
Target
e9f8140bfc47ab663dd2e6bbed311a06ec65e594d01b636338eb9adcb93d80f9
-
Size
42KB
-
Sample
231011-szx2ragb5x
-
MD5
58acf1e1b226043145bbadad7efdbe3a
-
SHA1
be8e82697298822a7d108f240afef73dd825c55d
-
SHA256
e9f8140bfc47ab663dd2e6bbed311a06ec65e594d01b636338eb9adcb93d80f9
-
SHA512
6d0d4bbe8534824c1e714ca591a24d4f8250a30062843306056dbb093ec87b43510e93e7c8719f03338b7ce118b59d92356c673e170fde35be0fdf64aa91144a
-
SSDEEP
768:FmUcDqmONVhaa3zGs1G/4iDhtvuSGCF0xxRNZ5A47oa3EkBm2PGD9:EUcEDjGIGh1E3CF0J1A48a3BmTJ
Behavioral task
behavioral1
Sample
Quotation China.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Quotation China.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot6553808600:AAEctl9z_ViEe1VbBXIi3Q8EzcyyXMP9F5g/sendMessage?chat_id=5086753017
Targets
-
-
Target
Quotation China.exe
-
Size
124KB
-
MD5
3adcb908c47a0e9e9358430dcc0c5b55
-
SHA1
a3cc683b61c6b571d973ba51c682f48534e6d01f
-
SHA256
2623f5e2a7aa90ec2c7d11a3e60fca615a629ca352a5ccdf9d4243c46e720738
-
SHA512
a04d200902513678f86150473c223c83c2c4f84f78a34142a0e84c95b04b3ddf2f151358988971b57d0843644cc61e44ce23438314cf578d879d8099886108de
-
SSDEEP
3072:eOOYz2Yaq4T7pwMxjF9uJokbUPITDlwBT8EDbY:vzJU+okbpTE8+b
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-