General
-
Target
7998165d0db2acc29c72e4ea081a1f2a
-
Size
868KB
-
Sample
240127-hy68xsfeb9
-
MD5
7998165d0db2acc29c72e4ea081a1f2a
-
SHA1
7dd82119edaf9da3f35b56c63f17bb6225ef3e1b
-
SHA256
d8efa6cf84ac542a7bbeebf0e3962a676be0ddfd2bee442576607928c1b8b0fd
-
SHA512
b0b381f44fae8d5f6b0e3db9a16dcc33f66beb8c436cda09d127da806cccf0f0f176873c125b8f02d4215d73d8307edcbdb031fc066b7f36b26647a317a0cb60
-
SSDEEP
12288:CXcsGI/cl1qIU8gFPOJxxPFAsjHf11YxmbgkFemZcbyyhW5qF12EObbf:C8QIZx9j/11HgDmyb85qP
Static task
static1
Behavioral task
behavioral1
Sample
7998165d0db2acc29c72e4ea081a1f2a.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7998165d0db2acc29c72e4ea081a1f2a.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
mail.onurtriko.com.tr - Port:
587 - Username:
[email protected] - Password:
Ee980502+E - Email To:
[email protected]
Targets
-
-
Target
7998165d0db2acc29c72e4ea081a1f2a
-
Size
868KB
-
MD5
7998165d0db2acc29c72e4ea081a1f2a
-
SHA1
7dd82119edaf9da3f35b56c63f17bb6225ef3e1b
-
SHA256
d8efa6cf84ac542a7bbeebf0e3962a676be0ddfd2bee442576607928c1b8b0fd
-
SHA512
b0b381f44fae8d5f6b0e3db9a16dcc33f66beb8c436cda09d127da806cccf0f0f176873c125b8f02d4215d73d8307edcbdb031fc066b7f36b26647a317a0cb60
-
SSDEEP
12288:CXcsGI/cl1qIU8gFPOJxxPFAsjHf11YxmbgkFemZcbyyhW5qF12EObbf:C8QIZx9j/11HgDmyb85qP
Score10/10-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-