Overview

overview

10

Static

static

10

2712-13-0x...ry.exe

windows7-x64

2712-13-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2712-13-0x0000000000400000-0x0000000000424000-memory.dmp

  • Size

    144KB

  • Sample

    231112-jt754add6w

  • MD5

    3fe7c77d614d64603109271682f0be59

  • SHA1

    6f197a476dd4d22bdb9ef917177228a41f286791

  • SHA256

    74e8d8f02293f6b303a68c8e856ef106ad93d8189fe54eefd0d7a37a06f29479

  • SHA512

    0e66f4a1cd0202f9abc3e1d0c79982ac23e6d7203f42e6e76459d0324a54371e586fa1647a596b095a81b1f0d9bbf6f3207bd8035379842d2fd5d25b39929399

  • SSDEEP

    1536:W57jq5+tnNTgK7kuikKVuqYaD+lMFVJNUzjhMmhIbb/z2Fzj4rDpiOWBGP:W57jqUJj7zpKVnYaDoheb7ok5wBGP

Score
10/10
snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:     smtp
  • Host:
    mail.noscoegypt.com
  • Port:
    465
  • Username:
    [email protected]
  • Password:
    j3w[Ok%-wW,@
  • Email To:
    URL: mail.noscoegypt.com
C2

https://api.telegram.org/bot6812788177:AAGkIGRh-hqEtxCxIbq-Dbm2V68_RxIRo8c/sendMessage?chat_id=5007084465

Targets

    • Target

      2712-13-0x0000000000400000-0x0000000000424000-memory.dmp

    • Size

      144KB

    • MD5

      3fe7c77d614d64603109271682f0be59

    • SHA1

      6f197a476dd4d22bdb9ef917177228a41f286791

    • SHA256

      74e8d8f02293f6b303a68c8e856ef106ad93d8189fe54eefd0d7a37a06f29479

    • SHA512

      0e66f4a1cd0202f9abc3e1d0c79982ac23e6d7203f42e6e76459d0324a54371e586fa1647a596b095a81b1f0d9bbf6f3207bd8035379842d2fd5d25b39929399

    • SSDEEP

      1536:W57jq5+tnNTgK7kuikKVuqYaD+lMFVJNUzjhMmhIbb/z2Fzj4rDpiOWBGP:W57jqUJj7zpKVnYaDoheb7ok5wBGP

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks