General
-
Target
7c3505fdb0dfd99c7d263b56e97e40d4
-
Size
541KB
-
Sample
240128-fjvv8sdeen
-
MD5
7c3505fdb0dfd99c7d263b56e97e40d4
-
SHA1
bdf96e1d18447edd8e79a6c684bd9e5774fa0058
-
SHA256
541d53ec290dfc6f72f5826760baefbafb77ff086fde272c836931124c926c31
-
SHA512
0fdc69d1840948481437f66a491c4dfe132b67879da70cd6b082d93524aede88238d5da414a34bd68eb69a1e62f06f9b28f10c7a43228a511de6e0e96aa37b10
-
SSDEEP
12288:TLRq+k9UYjjYsII9RyaQFJoU56r7o99uhzHx0gS0dVWMAdVEWh4TX7:0ZftmZSC4W5K
Static task
static1
Behavioral task
behavioral1
Sample
7c3505fdb0dfd99c7d263b56e97e40d4.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7c3505fdb0dfd99c7d263b56e97e40d4.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
smtp.cloudmail.email - Port:
587 - Username:
[email protected] - Password:
nascar - Email To:
[email protected]
Targets
-
-
Target
7c3505fdb0dfd99c7d263b56e97e40d4
-
Size
541KB
-
MD5
7c3505fdb0dfd99c7d263b56e97e40d4
-
SHA1
bdf96e1d18447edd8e79a6c684bd9e5774fa0058
-
SHA256
541d53ec290dfc6f72f5826760baefbafb77ff086fde272c836931124c926c31
-
SHA512
0fdc69d1840948481437f66a491c4dfe132b67879da70cd6b082d93524aede88238d5da414a34bd68eb69a1e62f06f9b28f10c7a43228a511de6e0e96aa37b10
-
SSDEEP
12288:TLRq+k9UYjjYsII9RyaQFJoU56r7o99uhzHx0gS0dVWMAdVEWh4TX7:0ZftmZSC4W5K
Score10/10-
Detect ZGRat V1
-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-