General
-
Target
Scan_20240129_174047.exe
-
Size
600KB
-
Sample
240129-ldmkkaeff6
-
MD5
4168d882eef97a3b96233f5d585a76aa
-
SHA1
9bd9bab17f9da27dbb8431a2cdb34f73f0eff6ac
-
SHA256
9760f95030f8a3303ea6f028a872f133707ed0d8417768d9db410cd8adaab4cd
-
SHA512
2a94b1d3bc59305bbbcf22da1b07ad6b3691fc4b2abd93507d04dd1a4fd18ae3cf2bf1681e7e2c42fcde563c1f89d2a05f5401cac071c54c6c9f617d74c8ff13
-
SSDEEP
12288:da1ZNIoIFFHgeg/cmLF0b72ulvEWxjxvxXa+WS8yUH6hbKOGkqAE:SNIXFxmB0b72KVjxvx7WOUHIKb7A
Static task
static1
Behavioral task
behavioral1
Sample
Scan_20240129_174047.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Scan_20240129_174047.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
Scan_20240129_174047.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-