General
Target: 7969c647ed1c0c449a512c88ccaa22b9
Size: 834KB
Sample: 240127-gbslksfhcq
MD5: 7969c647ed1c0c449a512c88ccaa22b9
SHA1: e84c5574e52045ceb7fb4f70380ae6b44d7bc189
SHA256: 90d00d97833d65bb0bea7fa86afb3d311a66069c80acaf18ca32055ad6b307f7
SHA512: 6aea4568068ca0ee38ba39148f6d1eb7d18ab2ac72ed7371078a7bf99affe458761633ea76ead1aa534fa63ea68a747cbdbfdc2805e14d70884d5b11aa533637
SSDEEP: 24576:xgwFJMNj6iRk6N3/2MN7SosjQsUTeFVd:xgwFehS6NeMFSoss1Te/
Static task: static1
Behavioral task: behavioral1
Sample: 7969c647ed1c0c449a512c88ccaa22b9.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7969c647ed1c0c449a512c88ccaa22b9.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.diktasltd.com.tr
Port: 587
Username: [email protected]
Password: y7W3-vH?3{7C
Email To: [email protected]
Targets
Target: 7969c647ed1c0c449a512c88ccaa22b9
Score: 10/10
Snake Keylogger payload
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext