General
Target: 10a3c3a3c388b4bde384068720dca0e0
Size: 316KB
Sample: 231219-m888gsbfb2
MD5: 10a3c3a3c388b4bde384068720dca0e0
SHA1: cdcfa097331476d5ee6e713923ac69bbe0f8448e
SHA256: 6e47024e23846e53598fe383b22a61d66060d95013c57103763d1f923ef6a505
SHA512: c9b9d9e315867ffa3e7d6a7c88affa2fd16f9cb505b1b5bde0571f46952776d6932ae7474dd5d04a7b4e485e06c1dde7748ab6768e5e50a4635a307fa07fcac0
SSDEEP: 6144:b8LxBqe6xl4nMSMntPbrmFhhDaNoM4T9ifQSJEhN60wXfICL6k+4Nxx:nZxlsMiFhWFQ9iJPxXfI9EF
Static task: static1
Behavioral task: behavioral1
  Sample: 10a3c3a3c388b4bde384068720dca0e0.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 10a3c3a3c388b4bde384068720dca0e0.exe
  Resource: win10v2004-20231215-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot1903200344:AAFlSm8e6hlfnObZcgLQazPYhmg0jo7ubTI/sendMessage?chat_id=1988673175
Targets
Score: 10/10
Snake Keylogger payload
Loads dropped DLL
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext