General
-
Target
770f963943fae86ad2fb95533defae2d.bin
-
Size
444KB
-
Sample
231227-bwg3paecdl
-
MD5
0fb65d8ac5a3107d0f226117a2ff31eb
-
SHA1
7de65c48a53ab7cbe8577e8dc5e5438c7bee49bf
-
SHA256
94901770b003e12ebb3484041ec64d1f3d947c55bf8d53133953f858c02b5c7c
-
SHA512
4dab92dd228b250ca7a5e4e1e4fecf022e83d2b42772c1013a4862d2d80b351d12048f9e4f5f530d50994ae1dd5263853f769778ce75a53d030207d9b84951ad
-
SSDEEP
12288:1hmi0PG75p2I9E8VLFusJOEJrY2o591WAXe4F:sGVZ9pVF5OEBY2PV4F
Static task
static1
Behavioral task
behavioral1
Sample
fd3215fd4bcb33f2149cd4bed63011c2b992b5a008cdd289559031741e8a3089.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
fd3215fd4bcb33f2149cd4bed63011c2b992b5a008cdd289559031741e8a3089.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
fd3215fd4bcb33f2149cd4bed63011c2b992b5a008cdd289559031741e8a3089.exe
-
Size
772KB
-
MD5
770f963943fae86ad2fb95533defae2d
-
SHA1
efadeaa28fe3c30e1224d41836b40666f9f5cd38
-
SHA256
fd3215fd4bcb33f2149cd4bed63011c2b992b5a008cdd289559031741e8a3089
-
SHA512
ae6480f80555dd6ed6dd8780d9faf4b0b3ba21a8b3f0ff50c73a5d38fa930ddc34e09ee0aaeb208c08d334b7404ab854478e1a39f929a496835e21de50a052c5
-
SSDEEP
12288:ZJpHCmbiNIwP7BpD1tM2MH6YZLuKw3WDJV733EgpAbSVv8Ipch:VCFPNpD1tM2MTZLEwV
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-