General
Target
Gun Ici Cek Statu Listesi.exe
Size
707KB
Sample
231126-vcvzzsae65
MD5
df9cc5e53cba3ae39407b8869a81e206
SHA1
b429c5b311055c819506c4c5e4df1c6cc288b008
SHA256
f8af447d9c19f47df305a44bc8556a1d0f651c22d911f320a53c2a36556988ff
SHA512
2b6a23917bb7ce1062f33e04d7b62eaace8e7abca3b90f5d99cc7f83816c12111493b426186708b095066c87f8ce61ee85a857cc38f321f4570da5ad228c9ae0
SSDEEP
12288:HGzkoVGyAbFjc+DUL5iEni6aHr7IoFWNjD76r/ECn394LIVeGy90a9vkL9FTJM+J:QxEyAjceUL5k6IPvSuLEy3SLF
Static task
static1
Behavioral task
behavioral1
Sample
Gun Ici Cek Statu Listesi.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Gun Ici Cek Statu Listesi.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
Target
Gun Ici Cek Statu Listesi.exe
Score 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext