General
-
Target
AWB5331810761.exe
-
Size
517KB
-
Sample
231204-v49mfsdh52
-
MD5
fa7c160068137a6169be8bcaa00e408c
-
SHA1
8028763154b40c81ae85eb6dbf1dcc7d834b96d3
-
SHA256
dd85a193900788d9b13eabcaa02085cdf8a72cb5d3d4e3444ec1bd741c6721f2
-
SHA512
ae5dc7d46f154eb7db4da0f6a3db098c7cd51e49a8905facb340a76f3b9be335d3d909cd70f1d337da8dfa541c0bf8202cedcb3c3598ff755b1ee64aa6a88e79
-
SSDEEP
12288:Y45+po2MokrGa1hhBJx6/X3lmz3rIcjM6/oJXG:b+pJ+Ka/hBj6/HQJj9/O
Static task
static1
Behavioral task
behavioral1
Sample
AWB5331810761.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
AWB5331810761.exe
Resource
win10v2004-20231127-en
Malware Config
Targets
Target
AWB5331810761.exe
Score
10/10
-
Snake Keylogger payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-