General
-
Target
9f28ef04771581d657a96fb6a683faea.exe
-
Size
83KB
-
Sample
231106-k8f6labg59
-
MD5
9f28ef04771581d657a96fb6a683faea
-
SHA1
107c997513892a119b26c9a07b5fe4ae027aba86
-
SHA256
b6b789bb154eaee918cb7eec069e9a80ca1e7596d27a2a8495ddee5e800259ed
-
SHA512
07a97d9103eeb3680e8edeb8554f6b805da292d1a1ae7b8be64955468961fb8d0c870281b17859fdb11e4ec841c4cbaa60b7fbcf88704b19d61dead3bad9d712
-
SSDEEP
1536:QhVzlAsccJUo4ZUjdklKSRPDr7p17fm/fKeFz0yRVfnBIJdwq3s2G65ISLI:QpcrUwn1rm/f/z0cVfnCQqhGPSc
Malware Config
Targets
-
-
Target
9f28ef04771581d657a96fb6a683faea.exe
-
Size
83KB
-
MD5
9f28ef04771581d657a96fb6a683faea
-
SHA1
107c997513892a119b26c9a07b5fe4ae027aba86
-
SHA256
b6b789bb154eaee918cb7eec069e9a80ca1e7596d27a2a8495ddee5e800259ed
-
SHA512
07a97d9103eeb3680e8edeb8554f6b805da292d1a1ae7b8be64955468961fb8d0c870281b17859fdb11e4ec841c4cbaa60b7fbcf88704b19d61dead3bad9d712
-
SSDEEP
1536:QhVzlAsccJUo4ZUjdklKSRPDr7p17fm/fKeFz0yRVfnBIJdwq3s2G65ISLI:QpcrUwn1rm/f/z0cVfnCQqhGPSc
Score10/10-
Snake Keylogger
Keylogger and Infostealer first seen in November 2020.
-
Snake Keylogger payload
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-