General
-
Target
abf58920ed73ef807269982b4e62fa9a.bin
-
Size
920KB
-
Sample
231103-c895nsah6w
-
MD5
50c679bae432d45d0484aab80212f339
-
SHA1
b100af51f86d9fdcc5c86cc78fa90f8f1f4b92c4
-
SHA256
b7bd4deee0fea8e34230e8fb54e3a55a2441ca54c19827fabe221751f4c2e11c
-
SHA512
52227182e85da72f9d554969fe8244bef265b6b4384972a14e3d4324d587329e8f4017b49206c7a01a8259da9750090de6d9ef8c491a8e561bec5bdd65749a5a
-
SSDEEP
24576:3t4U8s+4cGDEm9wvJvVPySx0TAVIO6UyLsarw4fFH:3tr+nbZvRVaA06qLHzV
Static task
static1
Behavioral task
behavioral1
Sample
1a43ce284eeb6c62750e67cfd710109ea3461e0fdb4e3ef6df64b159e78f8fd2.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
1a43ce284eeb6c62750e67cfd710109ea3461e0fdb4e3ef6df64b159e78f8fd2.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
us2.smtp.mailhostbox.com - Port:
587 - Username:
[email protected] - Password:
BkKMmzZ1
Targets
-
-
Target
1a43ce284eeb6c62750e67cfd710109ea3461e0fdb4e3ef6df64b159e78f8fd2.exe
-
Size
1.4MB
-
MD5
abf58920ed73ef807269982b4e62fa9a
-
SHA1
03e66fb10269f7ba6fe0bc8200ba5685f224ac7c
-
SHA256
1a43ce284eeb6c62750e67cfd710109ea3461e0fdb4e3ef6df64b159e78f8fd2
-
SHA512
c67e36cd7934a0bd4c4b14909f66d8b1349a21f1286ccc719ecbe14e4cdaaad0874e9c4bd9b8799806c1a26b4ad40fd0c9249c880b0aad015be184a3dda97411
-
SSDEEP
24576:qrEb2grO4+yKPoJHZ6gLl2FNY0wxOSkMoXwwaP7d3BFMukWMG+gcXh6dvrBV1ge+:+Eb2FyKI5wNVwxJk7XvTG+g+h6dvrBVy
Score10/10-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-