General
Target
SecuriteInfo.com.Trojan.DownLoader46.44277.27482.3211.exe
Size
432KB
Sample
231226-183mlafcdr
MD5
705f530ccf09e70691a0cd93c5a15bd4
SHA1
3c17db1f545254560323dba0aabd18978d21f063
SHA256
4e8b17d34495b7e4397939448da55c81d186794fa6a1f00a5e3cbd4659dd74ac
SHA512
c9c19726178e1aef01805d30c9eb562eef1f43f906eea9ec6af7bf599edc7d289d89a294f1e30db30d6035928615e426056fd4a5feafba4df549f4cda6b4bdb7
SSDEEP
12288:E2t+axyVJLYNnZa693JxwTIAqf2HQGRw6Y9:vwVJLYNno695x+I32LY9
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.DownLoader46.44277.27482.3211.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.DownLoader46.44277.27482.3211.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
Target
SecuriteInfo.com.Trojan.DownLoader46.44277.27482.3211.exe
Score
10/10
Snake Keylogger payload
Drops startup file
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext