General
-
Target
080ca9b165ef6819e3e5f6fed3daeb6c10b931abbbc90f4311f1bce3b17eb514.exe
-
Size
538KB
-
Sample
231201-xjrl9afb69
-
MD5
019df12da577237d46ffc72593220071
-
SHA1
6438178b0ae6adcfa3dd09591a80e30d24355b83
-
SHA256
080ca9b165ef6819e3e5f6fed3daeb6c10b931abbbc90f4311f1bce3b17eb514
-
SHA512
47726a74d5f8eb1440292313adc9e1cf00a965f09f8275932121f8202e03a4e5cd165b0d6e78d025d414b4147f9eb52d6837db54c3b10c4c233a3c17371f3c3d
-
SSDEEP
12288:NHST1G0KuG7s1nAMQ9tmyxUfXZsPBzPaMQqopoxo:AT00KuP6TmyxUfXZsPBrhBeT
Malware Config
Targets
-
-
Target
080ca9b165ef6819e3e5f6fed3daeb6c10b931abbbc90f4311f1bce3b17eb514.exe
-
Size
538KB
-
MD5
019df12da577237d46ffc72593220071
-
SHA1
6438178b0ae6adcfa3dd09591a80e30d24355b83
-
SHA256
080ca9b165ef6819e3e5f6fed3daeb6c10b931abbbc90f4311f1bce3b17eb514
-
SHA512
47726a74d5f8eb1440292313adc9e1cf00a965f09f8275932121f8202e03a4e5cd165b0d6e78d025d414b4147f9eb52d6837db54c3b10c4c233a3c17371f3c3d
-
SSDEEP
12288:NHST1G0KuG7s1nAMQ9tmyxUfXZsPBzPaMQqopoxo:AT00KuP6TmyxUfXZsPBrhBeT
Score10/10-
Snake Keylogger
Keylogger and Infostealer first seen in November 2020.
-
Snake Keylogger payload
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-