Extracted

• • Target

    Bank In Slip.exe

  • Size

    509KB

  • MD5

    0e647dedfa775cc5ed0d19860982a34d

  • SHA1

    05aca0ee0ac66ea0da11353f1c7b089b8f342eb9

  • SHA256

    ce2069d49214c9cee4c60ccc51a0b9816ad8fc4446f5df75f313e3f843e8e666

  • SHA512

    38b68b60948aece7d5f856523e73b5b140ef3434a979be754c6505dd6e88da041e31d6722528feecb1c71d2ed90ead0df3ff3c662f4e5247cd774685d2c340b1

  • SSDEEP

    12288:yuPkV6igNm0uAIXnGdfaKMCDU16EC45r8T8mUd/F3gMW:1yV0PojCDXECCmRoF

  Score

  10^/10

  snakekeyloggercollectionkeyloggerspywarestealer

  • Snake Keylogger

    Keylogger and Infostealer first seen in November 2020.

    stealerkeyloggersnakekeylogger

  • Snake Keylogger payload

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2