General
-
Target
NEAS.6d427013d7c28c435ca95888dff8bee0.exe
-
Size
279KB
-
Sample
231102-t8ykbagh9v
-
MD5
6d427013d7c28c435ca95888dff8bee0
-
SHA1
bbba700e65165aec00e672e57aadb460b41ef4b7
-
SHA256
a80035a72f24576683f6f490a4e8c9b94998aba882430227f2f201ad845cdbd4
-
SHA512
af5d15495fde3281cd116e9b0a43f593f11643942abf0def7046e03bd10cb9eedf706e00de4a3a8b3473a50634451d2a7feed940de92aa0e7e56d4abae6207a3
-
SSDEEP
6144:Bi6hMrvVvL6mqARyhHhnLiyTAbU3vWeq06zvyduQpxp0Un0QEai7uxnZgalZRndl:Bi6hMrvJLcuylhtAg3Oeq06zKduEb0U7
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.6d427013d7c28c435ca95888dff8bee0.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.6d427013d7c28c435ca95888dff8bee0.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
smtp.azebal.com - Port:
587 - Username:
[email protected] - Password:
#*ehEFidm0 - Email To:
[email protected]
Targets
-
-
Target
NEAS.6d427013d7c28c435ca95888dff8bee0.exe
-
Size
279KB
-
MD5
6d427013d7c28c435ca95888dff8bee0
-
SHA1
bbba700e65165aec00e672e57aadb460b41ef4b7
-
SHA256
a80035a72f24576683f6f490a4e8c9b94998aba882430227f2f201ad845cdbd4
-
SHA512
af5d15495fde3281cd116e9b0a43f593f11643942abf0def7046e03bd10cb9eedf706e00de4a3a8b3473a50634451d2a7feed940de92aa0e7e56d4abae6207a3
-
SSDEEP
6144:Bi6hMrvVvL6mqARyhHhnLiyTAbU3vWeq06zvyduQpxp0Un0QEai7uxnZgalZRndl:Bi6hMrvJLcuylhtAg3Oeq06zKduEb0U7
Score10/10-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-