General
-
Target
09b3817e22e09ab29fcd725db7d220ac.exe
-
Size
669KB
-
Sample
231106-k8fvtsac2v
-
MD5
09b3817e22e09ab29fcd725db7d220ac
-
SHA1
8ea817a9d0515098caa8404b833aa49ed26f9214
-
SHA256
ebc207c310f6738099c6e4522b022b4c18fcbb3a0c385b1a8d71fc411285ca48
-
SHA512
ab54b9ecded0347404e16a54a3485b9a4679e1e45b05ae7d859ec04d43e2f18653462099309e6ad8928ae9095e5942d8d35821799b83375369e1a065526a79da
-
SSDEEP
12288:GboafvkdXjv7U2Ml3JoX2nxinANft2CxkNIUnq9cIc:plvvMRJoqt+NzUc
Static task
static1
Behavioral task
behavioral1
Sample
09b3817e22e09ab29fcd725db7d220ac.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
09b3817e22e09ab29fcd725db7d220ac.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.mct2.co.za
Port: 587
Username: [email protected]
Password: 00000
Targets
-
-
Target
09b3817e22e09ab29fcd725db7d220ac.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-