General
Target: 0390281aa6bea2fccb424eec15cc7e78.bin
Size: 444KB
Sample: 231227-bcvvfacgfn
MD5: dc362a2b66f36afd2fbfc1aff11c1e72
SHA1: e6732bf1f37c4bd7729cf483f19e2bbee2439654
SHA256: 67051497fd97c6af464c672d930bc0e03f49fec42759bd94e1d5b7c3cf34e7bb
SHA512: 4ff546dadc0f91816374e6ed5c9faa117b7e17dd9b5c48b305eb982d65aaf43be197aa1d8796f6c77413c4abd2e800695e6e076ef58b338f0627fbfe0e80066d
SSDEEP: 12288:phJ2CUToWJFHYAD5th2hE86FnPcLozyA5mfM2:ph7NWD5tI6FSozkM2
Static task: static1
Behavioral task: behavioral1
Sample: ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651.exe
Size: 772KB
MD5: 0390281aa6bea2fccb424eec15cc7e78
SHA1: cbbe6381a0292f69bab951edd849fb713d4f76b2
SHA256: ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651
SHA512: 7f23783f6b54551ae0779012031b9d595b14dffc80a11274c43011606d80c86063513d00e1503853e4353e2249c36a886c6f12cbbfe032e334d152d979a2bc24
SSDEEP: 12288:dJpHCmbiNIwPt2gBpD1tM2MH6YZLuKw3WDJV733EgpAUBXvlL/bD9x7DW:ZCFPtBpD1tM2MTZLE6/l
Score: 10/10
Snake Keylogger payload
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext