General
-
Target
6b5c72e165326ce364e60ed624389320e7c1ca3dd09ba163fcf9500ed3315403exe.exe
-
Size
298KB
-
Sample
231129-va526sab29
-
MD5
529e2b070ea17b74626579c8fdd1f834
-
SHA1
44e1951cf080065f6a4249241b1a4f58f5b7ad8f
-
SHA256
6b5c72e165326ce364e60ed624389320e7c1ca3dd09ba163fcf9500ed3315403
-
SHA512
2fe59c416d962a851f9f2b1df6405eac474e89cc423ea72310d7e8bd2a5c45df35b267fa9f592ec34210d70a6d421e51376d989e9e6ef1590587b282b5f15002
-
SSDEEP
6144:ABlL/9PcycfXafb+Ji7LPX/KPpekXIfxnPuQQHt9Ugv4Z8:ynPMfJJi7L6Po7NmQQrUgv4m
Static task
static1
Behavioral task
behavioral1
Sample
6b5c72e165326ce364e60ed624389320e7c1ca3dd09ba163fcf9500ed3315403exe.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
6b5c72e165326ce364e60ed624389320e7c1ca3dd09ba163fcf9500ed3315403exe.exe
Resource
win10v2004-20231127-en
Malware Config
Targets
-
Target
6b5c72e165326ce364e60ed624389320e7c1ca3dd09ba163fcf9500ed3315403exe.exe
-
Score
10/10
-
Snake Keylogger payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-