General
-
Target
115f6d94f2fd77eda6b81780e8051f0d
-
Size
665KB
-
Sample
231225-j5wlfahfhm
-
MD5
115f6d94f2fd77eda6b81780e8051f0d
-
SHA1
984bc609ef9c5da154a3d442051f3a9a0725ee23
-
SHA256
486032726bf8f655211586986bdc0e49f0149c0a85cfaebf1ff8c28e0587bc85
-
SHA512
f4c00cbc727885c482a752322844775fcbf854c1607966654307e9c9077060689050a5326bbacee278c4e04024a29f945a5622384c788d9f4f65a50f4ad035b3
-
SSDEEP
12288:tCtQvsls8COsBgo0q4wM90bVCW1VaZ3YDeoyi8hJHf5gCyKtytmLa:tCtQvwCOsBgo0q4wMSb31VaVUDyiAKCc
Static task
static1
Behavioral task
behavioral1
Sample
115f6d94f2fd77eda6b81780e8051f0d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
115f6d94f2fd77eda6b81780e8051f0d.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: Chukwudim28@
Email To: [email protected]
Targets
-
Target
115f6d94f2fd77eda6b81780e8051f0d
-
Score
10/10
-
Snake Keylogger payload
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-