General
Target: 0f149fac933a5eb6928c7c97e6272f2f3f5af71fcb93f9850a22b24a19d0755b.exe.zip
Size: 288KB
Sample: 231201-spvtmscc3y
MD5: 51a1227a3501f02c01d1ab1b9408f786
SHA1: c3bebdc3d1f3abf07ed2aaacbff416f228c7e385
SHA256: 50adf3d89dae3573c0ce2b3152cb50f5938e561e884657430752fcea2573eb8b
SHA512: fe9b64e05ed49664e857b19c1268d9d15a390a7b4b628d0a7b19b1ed011e4090372e940fc389c495d78ee2d7b43cc0a7211587875815142ed081cc91e2a67770
SSDEEP: 6144:HA7+9yEXXZ5C62Ack1prOZahuGwV3dZaA20KSajqy+2FsDk9AsK1gN0Ctwa+:gZEXp5C+l3MaMGyIje2FGs2gNZtwa+
Behavioral task: behavioral1
Sample: 0f149fac933a5eb6928c7c97e6272f2f3f5af71fcb93f9850a22b24a19d0755b.exe
Resource: win7-20231023-en
Malware Config
Targets
Target: 0f149fac933a5eb6928c7c97e6272f2f3f5af71fcb93f9850a22b24a19d0755b.exe
Size: 480KB
MD5: 43a01a183b3a8ae84d610a0d32deadc1
SHA1: dafabf5c99f8e872dc97cfaef742d57102f598b4
SHA256: 0f149fac933a5eb6928c7c97e6272f2f3f5af71fcb93f9850a22b24a19d0755b
SHA512: 3c5133e25a7555b94450efc03c7cae7b605fdaa48f9d5c58f3d50bc0334d727fb6fe286c1fb9e2bdd4162b05f3dc0150ea2fadeeff8e3de98d313de5e05b13c8
SSDEEP: 12288:H7RN1oI4HAZvbdimEhbV0HAFwpTpBU073FEggkUpRgCKP+:HP4AZzdimEh71gCKP+
Snake Keylogger payload
Detects Phoenix Miner Payload
Drops file in Drivers directory
Checks computer location settings: Looks up country code configured in the registry, likely for geofencing.
Executes dropped EXE
Loads dropped DLL