General
-
Target
Contract.exe
-
Size
635KB
-
Sample
231127-m86glagb6v
-
MD5
dd93d84341928fb925e5446b3795cae2
-
SHA1
60b1c23aa28efb711fce60e82a389635e5e6bbc8
-
SHA256
fe2ed4220640da4d6e2e1e89e4a0dcc0bb67aaa2905b22276fc8a31ed65ea9e3
-
SHA512
dfdb35755c63180819f38a0693d6d6bcfc564c8448d15be135f84bd7e7f364d3fe7169bb28e07f0e40fe92f9094ccf2c63bc27768ecf001380922fcb23595987
-
SSDEEP
12288:pzeMMXRqdK/hWGJG/klXwWFynxWh7OPY6ilWG1gjd7BR6wT:pzeMSREydw/asAhGe/opB
Static task
static1
Behavioral task
behavioral1
Sample
Contract.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
Contract.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
mail.mct2.co.za - Port:
587 - Username:
[email protected] - Password:
00000
Targets
-
-
Target
Contract.exe
-
Size
635KB
-
MD5
dd93d84341928fb925e5446b3795cae2
-
SHA1
60b1c23aa28efb711fce60e82a389635e5e6bbc8
-
SHA256
fe2ed4220640da4d6e2e1e89e4a0dcc0bb67aaa2905b22276fc8a31ed65ea9e3
-
SHA512
dfdb35755c63180819f38a0693d6d6bcfc564c8448d15be135f84bd7e7f364d3fe7169bb28e07f0e40fe92f9094ccf2c63bc27768ecf001380922fcb23595987
-
SSDEEP
12288:pzeMMXRqdK/hWGJG/klXwWFynxWh7OPY6ilWG1gjd7BR6wT:pzeMSREydw/asAhGe/opB
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-