General
-
Target
3087ad6676cc9169389d5dcbe9328099c9fb386a8e2c0ebaf2eae4c92924e692.exe
-
Size
578KB
-
Sample
231201-vm6t8sdh7y
-
MD5
e774b25a7a8751c5725ed2ba1dede243
-
SHA1
71e7a04a9d9448d2da4c353642829edcc8fdcb67
-
SHA256
3087ad6676cc9169389d5dcbe9328099c9fb386a8e2c0ebaf2eae4c92924e692
-
SHA512
8d825a39760d2792b2b0a0403f781963167642e936e4b857c2c34144fe8c16b4b6fd7abb0c83c89999af5652c73151d39b9c45327fb75ffde866dc0f41aa5908
-
SSDEEP
12288:Tjqcopox437NBg4OChLjFg/r8tn2FLXNFT3xOg8cqWdE:Ze3Hg43hLBio2FLXNB3xOgQoE
Static task
static1
Behavioral task
behavioral1
Sample
3087ad6676cc9169389d5dcbe9328099c9fb386a8e2c0ebaf2eae4c92924e692.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
3087ad6676cc9169389d5dcbe9328099c9fb386a8e2c0ebaf2eae4c92924e692.exe
Resource
win10v2004-20231127-en
Malware Config
Targets
-
-
Target
3087ad6676cc9169389d5dcbe9328099c9fb386a8e2c0ebaf2eae4c92924e692.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-