General
-
Target
SecuriteInfo.com.Win32.TrojanX-gen.13038.29708
-
Size
763KB
-
Sample
231123-kaxexshe6s
-
MD5
f4e9acbb76a17418e01d5c2ba397aeff
-
SHA1
115d6837f1b7a14041ce446901e642f668eed9fa
-
SHA256
f9abeebda334e6ff506326bb578cba3b1e3309b04641a3cf0adb4302a03c476e
-
SHA512
c8fabc8d3d45474f036f12079790fe0277f97eb1807b522ebe3b57192465d783968f31a726f55ede0db50be6dc8b3fdc1c2a147236cb252a9d23d60887d29d5b
-
SSDEEP
12288:sUA7NEE6jD/pLXGkJl8Me0rllpJIPdOjwX7IHpBaQo3wMPQeLgH0JtvL:eEtD/F2k78erllDIPzqpBwwLZ49
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.TrojanX-gen.13038.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.TrojanX-gen.13038.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
Score 10/10
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-