General
-
Target
e54a637c5bc8ae8f50e28409b80f098a10cef38ae65e2adff8044e0349fcf8e0
-
Size
441KB
-
Sample
231225-f5yt1sfabn
-
MD5
85afc05cb077fcc765ef5e8a352e6ee6
-
SHA1
fd1f2fdd5d0141411f02d7301462f43807ac7fb7
-
SHA256
e54a637c5bc8ae8f50e28409b80f098a10cef38ae65e2adff8044e0349fcf8e0
-
SHA512
94f7c737bdbad8c885c42aa14293d193779d950d0a86734868568043c304cddb4d4f00b550059b7b925b296bb9c85230423aed7cba6239942e60a2e5222eeb3d
-
SSDEEP
12288:hAp/cDjoDfWHkbOrq2rA3UqCyOFjTdUKSoPebtgaXc:6fWHTaNCdUVeebtgj
Static task
static1
Behavioral task
behavioral1
Sample
Order Inquiry.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Order Inquiry.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
Order Inquiry.exe
-
Size
772KB
-
MD5
cc5eb59cb99d6c5ff4f8dbb39c3ac85a
-
SHA1
db3637757ec6398f74911598b78fb67779cfa881
-
SHA256
a7861637b7c5aca5ec97ec9b14ff793aa6e227f0c7af740350d9134225bd3c2c
-
SHA512
3e9b508b5bc593df4b1ac2151d4142905f260336342579d3fe1eda96390b8752b863557a2dd4d0ab0f918a4417579d06e181d499aa47545cab119483babf6ce2
-
SSDEEP
12288:RJpHCmbiNIwPfWeBpD1tM2MH6YZLuKw3WDJV733EgpAcLxzbHpGFo:tCFPNpD1tM2MTZLE6I
Score
10/10
-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-