General
-
Target
lmm.vir
-
Size
126KB
-
Sample
231012-fatltahe69
-
MD5
00beaf0b10d9ea32a8857efbdaa9cf55
-
SHA1
4c0e6ce8bf3afe2db364d5fcbe83c41e44d58a52
-
SHA256
7c381aa21265e230ee872afa0d7374024ca82f17030a6dda5514ab21d9cf0b4b
-
SHA512
9eb307999ccb4d8e165ff3d2822a8ed97e1762a1c5430071797cc994ab2e88412c978c7bf91d469735ec83a78471d06392081cba1b7f05e71900681f8a31a357
-
SSDEEP
3072:BOOYz2qq21BdsBQznGJbMdyy9wBHP3gbY:ezAG6JbPPwb
Behavioral task
behavioral1
Sample
lmm.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
lmm.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot6316392918:AAHcjKTVDupG6SMH3LkXAeVBgHKlqsAcmRU/sendMessage?chat_id=6445748530
Targets
-
Target
lmm.vir
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-