General
Target: contract.ex_
Size: 567KB
Sample: 231129-lytjlsfe41
MD5: abe2321abf51ddcc3052ea95463cf075
SHA1: 76eab53aa77073470e852fec6994132adf3fe238
SHA256: 0953d0c4e072d76d4161488b3b769f924bc79f61c2b4b806fcdaf1dde610d9d4
SHA512: 538309d100d80f9fccc47adc967e07b31f0c6713add0f8b081d153fccbd174376859a479624bc0f04faf4ef435c71adb69fc22f63929b4934281a7034c0a6e2f
SSDEEP: 12288:5zcopox4BitDWifAXA/n7xkhGzSVv1B61dLCg92oUb:GelaWfCePVYdLC60
Static task: static1
Behavioral task: behavioral1
Sample: contract.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: contract.exe
Resource: win10v2004-20231127-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.mct2.co.za
Port: 587
Username: [email protected]
Password: 00000
Targets
Target: contract.ex_
Score: 10/10
- Snake Keylogger payload
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext