General
-
Target
9faa00d302e72c01005093ba1f4338153747d2f6564922313fb720df0afb7fbe
-
Size
550KB
-
Sample
231205-v84a8sdh76
-
MD5
fcea2ad72b29bf604c28e6e122705d59
-
SHA1
a9db50dc02e8600b1131da40c7fea5b70837457a
-
SHA256
9faa00d302e72c01005093ba1f4338153747d2f6564922313fb720df0afb7fbe
-
SHA512
b6076226b50d62309299f48427ed02ab264780d20af6e4a7d8d3bca49897c4b4808f15f89c140612960fda9c5d23db6d62e954ac76527ac7a9cd6f4c6a6b588c
-
SSDEEP
12288:Jke7Uv8Fgdx7AC9SQnkfaoiGdD2tI8KYb9OzM3eO3sLF9PajzPbbZ:J54RwRQnkfaoHd91zMZOF9Pct
Static task
static1
Behavioral task
behavioral1
Sample
PI.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
PI.exe
Resource
win10v2004-20231130-en
Malware Config
Targets
-
-
Target
PI.exe
-
Size
587KB
-
MD5
7bd84364839005d2ed7244767b8a6b43
-
SHA1
c059a07d693a63f04c683bbfc10c9ff0d48c32dd
-
SHA256
2a8e0ce38c434c439f20c577a430907b303aa67a412d7c8ef22c8c41b4646733
-
SHA512
729a3976b3d281173b6f502f1507636b75e041b067ff26caec659b5fb074619287b30fc5e0e9086bd732b4980808e05b893ae7e41cd8f0dd387a7ee7b82fecc7
-
SSDEEP
12288:+ll5nF8EEmhXTaMWPaGlTZ/VwzamlVJZoouagzQMPW04dqrlbKaw:gllEMDaBZKum7roouagEMO0HhbKaw
Score10/10-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-