General
Target: 49d00fbb783d0a1f50039699bb9e0e3a
Size: 600KB
Sample: 231226-b1gmqabhcj
MD5: 49d00fbb783d0a1f50039699bb9e0e3a
SHA1: d37b84415b0619497c7786e6d1db1883c071e0d3
SHA256: 7bb173d6f12fefce48a6a3f2ec2d2e73bab1a1fc3c7a8f1fed35694a4053953f
SHA512: 1b4a3cb9a632a4c91600f700a829f107608bffae26a1457fee8595bb74e3c7506586c607975b2802709a297af918c880b6c762ca1d628bc20d9ef9206f194448
SSDEEP: 12288:lYiPU9nPU9aOZFH0PiDRs2OsBgo0q4wMD1cGXdr6m6sD9Whu0QaxIpbj2XYpOZ:lYARs2OsBgo0q4wMDedW9+Q7p1pq
Static task: static1
Behavioral task: behavioral1
Sample: 49d00fbb783d0a1f50039699bb9e0e3a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 49d00fbb783d0a1f50039699bb9e0e3a.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted: snakekeylogger
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: xMdrSUH1
Email To: [email protected]
Targets
Target: 49d00fbb783d0a1f50039699bb9e0e3a
Score: 10/10

Snake Keylogger payload

CustAttr .NET packer
Detects CustAttr .NET packer in memory.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.