General
Target: 23021205_4534Documentation-PDF.exe
Size: 758KB
Sample: 231206-md8cpsdf78
MD5: 8a9db3f90c433ec06a9c0c33d776123b
SHA1: 6f61cbc021cc283af8bb9c42d468c4fe591f070f
SHA256: 3d11da50a09634887b61468945a424c3e9104424071969b6dc72ca098bcb0c2b
SHA512: 2e42b3878f6e46580f5e69fb7eb1c19deaf336ae09cbf8cd71243b9f7086c71aa842cc18933ead5efb000d71dcdac8dff425a0b03c4c31f4337087662817cffc
SSDEEP: 12288:sX5nF8pREGHTbr1A1TQ3j0qGLHJars0KIgBHdCob89XDCl7yrBfJNo5sAD:emr6TQZJs0K5BHd3b89XDNs
Static task: static1
Behavioral task: behavioral1
Sample: 23021205_4534Documentation-PDF.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: 23021205_4534Documentation-PDF.exe
Resource: win10v2004-20231130-en
Malware Config
Targets
Target: 23021205_4534Documentation-PDF.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext