General

  • Target

    0390281aa6bea2fccb424eec15cc7e78.bin

  • Size

    444KB

  • Sample

    231227-bcvvfacgfn

  • MD5

    dc362a2b66f36afd2fbfc1aff11c1e72

  • SHA1

    e6732bf1f37c4bd7729cf483f19e2bbee2439654

  • SHA256

    67051497fd97c6af464c672d930bc0e03f49fec42759bd94e1d5b7c3cf34e7bb

  • SHA512

    4ff546dadc0f91816374e6ed5c9faa117b7e17dd9b5c48b305eb982d65aaf43be197aa1d8796f6c77413c4abd2e800695e6e076ef58b338f0627fbfe0e80066d

  • SSDEEP

    12288:phJ2CUToWJFHYAD5th2hE86FnPcLozyA5mfM2:ph7NWD5tI6FSozkM2

Malware Config

Targets

    • Target

      ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651.exe

    • Size

      772KB

    • MD5

      0390281aa6bea2fccb424eec15cc7e78

    • SHA1

      cbbe6381a0292f69bab951edd849fb713d4f76b2

    • SHA256

      ff6906393f892736432d9766c5d503855ea909e8165244e641aa986d61737651

    • SHA512

      7f23783f6b54551ae0779012031b9d595b14dffc80a11274c43011606d80c86063513d00e1503853e4353e2249c36a886c6f12cbbfe032e334d152d979a2bc24

    • SSDEEP

      12288:dJpHCmbiNIwPt2gBpD1tM2MH6YZLuKw3WDJV733EgpAUBXvlL/bD9x7DW:ZCFPtBpD1tM2MTZLE6/l

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

      Redirecting a suspended thread's entry point with SetThreadContext is the hallmark of process hollowing / RunPE-style injection, where the original image is replaced by the injected payload before the thread is resumed. Debuggers and exception handlers also call the API, so this is an indicator to correlate with the surrounding call sequence rather than proof on its own.
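
To show what the two behavioural signatures above key on, the following is an added example, not part of the sandbox report and not the sandbox's own detection code. It runs detection logic over a constructed API trace: one process is flagged for the CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory -> SetThreadContext -> ResumeThread chain into a child, a lone SetThreadContext on the caller's own thread is deliberately left alone, and an HTTP request to an IP-echo service is reported. The trace format, the pid/tid values and the list of IP-echo hosts are assumptions made for the example; the report does not name the service this sample contacted.

```python
"""Triage checks for a process-hollowing style SetThreadContext sequence and
for an external-IP lookup via a web service. The trace format and the sample
lines below are constructed for this example (hypothetical sandbox output)."""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

CREATE_SUSPENDED = 0x00000004

# Assumption: typical IP-echo services abused by stealers; the report itself
# does not say which service this sample contacted.
IP_LOOKUP_HOSTS = {
    "checkip.dyndns.org",
    "api.ipify.org",
    "ipinfo.io",
    "icanhazip.com",
    "ifconfig.me",
}

# Constructed trace: "pid API key=value ...". The sandbox is assumed to resolve a
# thread handle to its owning process, hence pid= on SetThreadContext/ResumeThread.
SAMPLE_TRACE = """\
1204 CreateProcessW target=notepad.exe flags=0x00000004 newpid=3312
1204 NtUnmapViewOfSection pid=3312
1204 VirtualAllocEx pid=3312 size=0x9e000 prot=0x40
1204 WriteProcessMemory pid=3312 size=0x9e000
1204 SetThreadContext pid=3312 tid=3316
1204 ResumeThread pid=3312 tid=3316
3312 InternetOpenUrlA url=https://www.microsoft.com/
3312 InternetOpenUrlA url=http://checkip.dyndns.org/
5500 CreateProcessW target=cmd.exe flags=0x00000000 newpid=5612
5500 SetThreadContext pid=5500 tid=5504
"""


@dataclass
class Event:
    pid: int
    api: str
    args: dict = field(default_factory=dict)


_LINE = re.compile(r"^(\d+)\s+(\w+)(.*)$")
_KV = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_trace(text: str) -> list[Event]:
    """Parse the hypothetical 'pid API key=value ...' trace lines."""
    events = []
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if not m:
            continue
        args = {k: v.strip('"') for k, v in _KV.findall(m.group(3))}
        events.append(Event(int(m.group(1)), m.group(2), args))
    return events


def find_hollowing(events: list[Event]) -> list[dict]:
    """Flag a suspended child that is written to, has its thread context set,
    and is then resumed. SetThreadContext without that prelude (debuggers,
    exception handlers, a process touching its own threads) is not flagged."""
    state = {}  # child pid -> progress through the chain
    hits = []
    for ev in events:
        if ev.api == "CreateProcessW" and int(ev.args.get("flags", "0"), 16) & CREATE_SUSPENDED:
            child = int(ev.args["newpid"])
            state[child] = {"parent": ev.pid, "image": ev.args.get("target"),
                            "wrote": False, "ctx": False}
            continue
        target = ev.args.get("pid")
        if target is None or int(target) not in state:
            continue
        s = state[int(target)]
        if ev.api == "WriteProcessMemory":
            s["wrote"] = True
        elif ev.api == "SetThreadContext" and s["wrote"]:
            s["ctx"] = True
        elif ev.api == "ResumeThread" and s["ctx"]:
            hits.append({"parent": s["parent"], "child": int(target), "image": s["image"]})
            del state[int(target)]
    return hits


def find_ip_lookup(events: list[Event]) -> list[tuple[int, str]]:
    """Return (pid, host) for HTTP requests whose host is a known IP-echo service."""
    hits = []
    for ev in events:
        url = ev.args.get("url")
        if not url:
            continue
        host = (urlparse(url).hostname or "").lower()
        if host in IP_LOOKUP_HOSTS:
            hits.append((ev.pid, host))
    return hits


def triage(text: str = SAMPLE_TRACE) -> dict:
    """Run both checks over a trace and return the findings."""
    events = parse_trace(text)
    return {"hollowing": find_hollowing(events), "ip_lookup": find_ip_lookup(events)}


if __name__ == "__main__":
    for name, findings in triage().items():
        print(f"{name}: {findings}")
```

Requiring the full chain into the same child is what keeps pid 5500 out of the results: it calls SetThreadContext, but never created a suspended process or wrote into one, so it is the kind of call a debugger or exception handler makes. Only the request to checkip.dyndns.org is reported from pid 3312; the request to www.microsoft.com is ordinary traffic and is ignored.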

MITRE ATT&CK Matrix

Tasks