General
-
Target
793460b94805267b615010b3ef130e31
-
Size
635KB
-
Sample
240127-ee7hssebfp
-
MD5
793460b94805267b615010b3ef130e31
-
SHA1
a01ba1174de57830b725c597400478b9929c07d1
-
SHA256
64e873c870ebd93ef9616bfd9c774dbe12dd80fe69f41ecad14f5d437f95f4db
-
SHA512
88f83545bebbceffe44356c3e3505b01c08de51c1c801ef2182cc4341a2e9fb2d4f8fdac05ef5ea90ffa4529a2e4ca9b282692b7eb4763f9aed284c4401feb5d
-
SSDEEP
12288:n/M6SVzKubzm8aDaRrSNqieKGJt5AstGlOFdkJ6w+cSiJ5TBS1Y1:nRk+ubqaRiJGJt6QGM1w0U58U
Static task
static1
Behavioral task
behavioral1
Sample
Bank slip .jpg.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Bank slip .jpg.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
us2.smtp.mailhostbox.com - Port:
587 - Username:
[email protected] - Password:
BkKMmzZ1
Targets
-
-
Target
Bank slip .jpg.exe
-
Size
1.0MB
-
MD5
3ea15007d1dbb5b1ed0714d5c42868dc
-
SHA1
a3b512dbdd64c9e822dcdd3f16b6297a2e91a2d4
-
SHA256
42b7d6c812a0fdefa87e7d48c1170babffe26932c12ea2037ea7161c2061c724
-
SHA512
c1c1e59e9bfed230ec7e9f4cdec261307e0eb889788acd2966f4a6973d9d8262ff40974687a4fede179320b05383147ee4316debab3781467b07db5015b42aaa
-
SSDEEP
12288:Q3vll2iNIGnXcjcx1zaHiYmn2TsH2iJBAy3olSHB3xU5z/qphBqCz:K1qYXePm2jo8uVuqdq
Score10/10-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-