General
-
Target
4d40ec3083581c3ee44936d9cabc9e0b
-
Size
1.0MB
-
Sample
231226-c5rh6aaagp
-
MD5
4d40ec3083581c3ee44936d9cabc9e0b
-
SHA1
b57c1d6d2e4411519487e9d132a3aaf01b80448e
-
SHA256
b51b212526d12237e7bcb3b215980f65e35f717ef6d39d0a2791f8fe3ce52845
-
SHA512
6e4a2d7aad2170a6f5f35b429f5733e7b9918e55f318370684de55669bd0d0295185da957545b83d445880696ee1d8d17b4eb62161de329646ae0b506dfbeb01
-
SSDEEP
12288:GaWvKkpeBoWzJlKqQdQEYKEyvUIZbV4LMntu0skGRmbK9ua4Xr4UiZ0gntsUIznx:GajydQEYKrvDBu6u0ski2KMaAe/gb/
Static task
static1
Behavioral task
behavioral1
Sample
4d40ec3083581c3ee44936d9cabc9e0b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4d40ec3083581c3ee44936d9cabc9e0b.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: smtp.vivaldi.net
Port: 25
Username: [email protected]
Password: Africanman101
Email To: [email protected]
Targets
-
-
Target
4d40ec3083581c3ee44936d9cabc9e0b
-
Score
10/10
-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-