General
-
Target
SecuriteInfo.com.Win32.TrojanX-gen.20502.12077.exe
-
Size
772KB
-
Sample
231225-j4zlpshefn
-
MD5
0390281aa6bea2fccb424eec15cc7e78
-
SHA1
cbbe6381a0292f69bab951edd849fb713d4f76b2
-
SHA256
ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651
-
SHA512
7f23783f6b54551ae0779012031b9d595b14dffc80a11274c43011606d80c86063513d00e1503853e4353e2249c36a886c6f12cbbfe032e334d152d979a2bc24
-
SSDEEP
12288:dJpHCmbiNIwPt2gBpD1tM2MH6YZLuKw3WDJV733EgpAUBXvlL/bD9x7DW:ZCFPtBpD1tM2MTZLE6/l
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.TrojanX-gen.20502.12077.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.TrojanX-gen.20502.12077.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.TrojanX-gen.20502.12077.exe
-
Size
772KB
-
MD5
0390281aa6bea2fccb424eec15cc7e78
-
SHA1
cbbe6381a0292f69bab951edd849fb713d4f76b2
-
SHA256
ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651
-
SHA512
7f23783f6b54551ae0779012031b9d595b14dffc80a11274c43011606d80c86063513d00e1503853e4353e2249c36a886c6f12cbbfe032e334d152d979a2bc24
-
SSDEEP
12288:dJpHCmbiNIwPt2gBpD1tM2MH6YZLuKw3WDJV733EgpAUBXvlL/bD9x7DW:ZCFPtBpD1tM2MTZLE6/l
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-