General
Target: scan_meteak_2024-01-30-14-12-11.pdf.exe
Size: 754KB
Sample: 240131-m8j9cscehq
MD5: 2c188078210967907fc2d5f64997e05e
SHA1: 2a1a6fb369376cf74800cc40063a9ca99df4779b
SHA256: 479464eb3f4adf0b74ade4aa491fef4eab206c0ddf5489a80d823779b4a4d69b
SHA512: 6bbd3e041ffbb5ff5987cec9ea343a05b9f4c29f0111ad1c0124ee3cd61e886dcc8f5e9400b058573d4d488f16f3407b6ff9349dea907c5ecc1b87d9ce449f96
SSDEEP: 12288:d/byR39SCF1OFsbuulCzXNMfGHJk4KouTpD+XQAzbZC1FUooRv0QWAuj8X03E:p039ZblCzNMfGHJJOaVvZC2J
Static task: static1
Behavioral task: behavioral1
Sample: scan_meteak_2024-01-30-14-12-11.pdf.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: scan_meteak_2024-01-30-14-12-11.pdf.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: scan_meteak_2024-01-30-14-12-11.pdf.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext