General
-
Target
33fe683a4f96d2b64616814f7473f9ad
-
Size
486KB
-
Sample
231225-wx9jjsbefj
-
MD5
33fe683a4f96d2b64616814f7473f9ad
-
SHA1
1dfecff86628341cb0f5208c6957a970e2729a99
-
SHA256
4b6d2d4d20ed03f56ffffc9c92549c99b7bd4494c7335790e9cae0e0b5824193
-
SHA512
3e8ae602b91151780f6b0c58f3409f19d7680ffd6bd979ee9c380966cf9442de06f031af4162da82204f87317c68bd59dc14a737e5e189b58171f343fd0963aa
-
SSDEEP
12288:tqXS3Nv68mo+UmaKOmGa1NoigDRlBda3w:wQtFYUUJUDX/a
Static task
static1
Behavioral task
behavioral1
Sample
33fe683a4f96d2b64616814f7473f9ad.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
33fe683a4f96d2b64616814f7473f9ad.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot1846829589:AAHSsEDTKvDOQ17YrNRY5_FXv5z4mpfGRIc/sendMessage?chat_id=1407381447
Targets
-
-
Target
33fe683a4f96d2b64616814f7473f9ad
-
Size
486KB
-
MD5
33fe683a4f96d2b64616814f7473f9ad
-
SHA1
1dfecff86628341cb0f5208c6957a970e2729a99
-
SHA256
4b6d2d4d20ed03f56ffffc9c92549c99b7bd4494c7335790e9cae0e0b5824193
-
SHA512
3e8ae602b91151780f6b0c58f3409f19d7680ffd6bd979ee9c380966cf9442de06f031af4162da82204f87317c68bd59dc14a737e5e189b58171f343fd0963aa
-
SSDEEP
12288:tqXS3Nv68mo+UmaKOmGa1NoigDRlBda3w:wQtFYUUJUDX/a
Score10/10-
Detect ZGRat V1
-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-