General
-
Target
NEAS.06ecf916b6e3d161ee0614ac558477f56b8f9212fc41bf00234ff62b15b86027.exe
-
Size
123KB
-
Sample
231110-sx2bdshg61
-
MD5
cb1d86841c8f922f3a4106b0dba1b144
-
SHA1
8eacdefdb557684ca8e9204621e7459d339d8f28
-
SHA256
06ecf916b6e3d161ee0614ac558477f56b8f9212fc41bf00234ff62b15b86027
-
SHA512
7da8c39b95ab5c81212869c81eb781b8023f60bc321d1def49079792f7b32949fdf8c67202585292547a3653252dde503b5facaf484a48cc2f27ca24ff8f2a5d
-
SSDEEP
3072:Ww1/isKYBIkBGiKupMnmb7fDf7gHwBkxSgbY:Ziy3T0mbjD8xbb
Behavioral task
behavioral1
Sample
NEAS.06ecf916b6e3d161ee0614ac558477f56b8f9212fc41bf00234ff62b15b86027.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.06ecf916b6e3d161ee0614ac558477f56b8f9212fc41bf00234ff62b15b86027.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
mail.gkas.com.tr - Port:
587 - Username:
[email protected] - Password:
Gkasteknik@2022
Targets
-
-
Target
NEAS.06ecf916b6e3d161ee0614ac558477f56b8f9212fc41bf00234ff62b15b86027.exe
-
Size
123KB
-
MD5
cb1d86841c8f922f3a4106b0dba1b144
-
SHA1
8eacdefdb557684ca8e9204621e7459d339d8f28
-
SHA256
06ecf916b6e3d161ee0614ac558477f56b8f9212fc41bf00234ff62b15b86027
-
SHA512
7da8c39b95ab5c81212869c81eb781b8023f60bc321d1def49079792f7b32949fdf8c67202585292547a3653252dde503b5facaf484a48cc2f27ca24ff8f2a5d
-
SSDEEP
3072:Ww1/isKYBIkBGiKupMnmb7fDf7gHwBkxSgbY:Ziy3T0mbjD8xbb
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-