General
-
Target
New shipment detail.exe
-
Size
708KB
-
Sample
231221-ryjbjaafgn
-
MD5
e4e808a72f8178a789c4f5cd3b2592b0
-
SHA1
c5424faeeb22e4d6a8ce4fa86958444f51c46230
-
SHA256
71aaa5510b2558e77807ee92dae0b7eef3c3f473be2078860769b58641b1c118
-
SHA512
6cd62ce5ba6722157b4fbb25189b5d61417b7032261df45c75dafc8c76ffdcbea19dfa2390403da193bae4b353a33461b7a1b9747a66676070744e272340cbeb
-
SSDEEP
12288:68pYTbiR6P4mpQO9gDPLg8EJk0xcNuoOO+1o1u4Aaf0+06JyQW:xpY06P4qgUzku5af0l6JV
Static task
static1
Behavioral task
behavioral1
Sample
New shipment detail.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
New shipment detail.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
New shipment detail.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-