General
-
Target
7a66c663f71aff27ef5671579fd986b30c9527e23da7cbcfe7cdad8bf8baf739
-
Size
1.0MB
-
Sample
240127-qza6wafbdr
-
MD5
5b4a8765f884a095e35b8691bbc0c8ad
-
SHA1
97dd8cd828b59ca8730583b4518010c238ae9017
-
SHA256
7a66c663f71aff27ef5671579fd986b30c9527e23da7cbcfe7cdad8bf8baf739
-
SHA512
bf76508e33124dece0ad0347e55887e08f3ebe4d4f7460239ef5ab5611056f17fb0d66cd661a04cef5d2e03b7b8348cd6b706af33408e97b7cdefaec217efef0
-
SSDEEP
24576:FCJuVVkdVCOuvnyAZHjReBycHEZ4Ci14:E0kdBuqS74e
Static task
static1
Behavioral task
behavioral1
Sample
7a66c663f71aff27ef5671579fd986b30c9527e23da7cbcfe7cdad8bf8baf739.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7a66c663f71aff27ef5671579fd986b30c9527e23da7cbcfe7cdad8bf8baf739.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
7a66c663f71aff27ef5671579fd986b30c9527e23da7cbcfe7cdad8bf8baf739
-
Size
1.0MB
-
MD5
5b4a8765f884a095e35b8691bbc0c8ad
-
SHA1
97dd8cd828b59ca8730583b4518010c238ae9017
-
SHA256
7a66c663f71aff27ef5671579fd986b30c9527e23da7cbcfe7cdad8bf8baf739
-
SHA512
bf76508e33124dece0ad0347e55887e08f3ebe4d4f7460239ef5ab5611056f17fb0d66cd661a04cef5d2e03b7b8348cd6b706af33408e97b7cdefaec217efef0
-
SSDEEP
24576:FCJuVVkdVCOuvnyAZHjReBycHEZ4Ci14:E0kdBuqS74e
Score10/10-
Snake Keylogger payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-