General
-
Target
e27c4a1ff2556f0b90ba28fe8d9cb7c1f0373036a8cbf728dbde4562b9923dd0exe.exe
-
Size
530KB
-
Sample
231207-ygr1nsfb38
-
MD5
d0b48d8117d430d660a1acbd903fa5df
-
SHA1
f1be90f5da052fdbbd5e1a7c7322affc71689519
-
SHA256
e27c4a1ff2556f0b90ba28fe8d9cb7c1f0373036a8cbf728dbde4562b9923dd0
-
SHA512
a5afbcde6a8b7c7455a6381e7e6c2b4f6a2afee545ac58b7697fcf9d519cb6baa7f0930ec3e8f2d288d5e5e15833ad875fef0511eb9984bf4557dcb529d0bc5f
-
SSDEEP
12288:7yYQaueH5q0J1ETrXaCWBM9B9zXjxUSPXxJQkY8vJf:7y8q0J+TjaC/veS/xT
Static task
static1
Behavioral task
behavioral1
Sample
e27c4a1ff2556f0b90ba28fe8d9cb7c1f0373036a8cbf728dbde4562b9923dd0exe.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
e27c4a1ff2556f0b90ba28fe8d9cb7c1f0373036a8cbf728dbde4562b9923dd0exe.exe
Resource
win10v2004-20231130-en
Malware Config
Targets
-
-
Target
e27c4a1ff2556f0b90ba28fe8d9cb7c1f0373036a8cbf728dbde4562b9923dd0exe.exe
-
Size
530KB
-
MD5
d0b48d8117d430d660a1acbd903fa5df
-
SHA1
f1be90f5da052fdbbd5e1a7c7322affc71689519
-
SHA256
e27c4a1ff2556f0b90ba28fe8d9cb7c1f0373036a8cbf728dbde4562b9923dd0
-
SHA512
a5afbcde6a8b7c7455a6381e7e6c2b4f6a2afee545ac58b7697fcf9d519cb6baa7f0930ec3e8f2d288d5e5e15833ad875fef0511eb9984bf4557dcb529d0bc5f
-
SSDEEP
12288:7yYQaueH5q0J1ETrXaCWBM9B9zXjxUSPXxJQkY8vJf:7y8q0J+TjaC/veS/xT
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-