General
-
Target
BELGELER VE ÖDEMELER.exe
-
Size
861KB
-
Sample
240131-nav4msaha5
-
MD5
8a2102b1708487bb3096c4d176ca498e
-
SHA1
ec4b9988410528115495f63014aac126249b8cc7
-
SHA256
7c55e53536e6fe6f646bbdd2278b67176788a31a727bc24b4ed872c617d46dbd
-
SHA512
41ae9b788ceebc5197196a79fa6751916b6deedc2cb98a6bd2355dd5e9f75ffcbc66c2f9d9dcc1951532b8fb23dcff10d81735b35584f8bb7ceace1fcb3c37c2
-
SSDEEP
12288:foacIAYQ4VIBiYoaJD1+7/KeKDtc1Tjv7Ynx:g7IA1N7JZmbKDyNr7Ynx
Static task
static1
Behavioral task
behavioral1
Sample
BELGELER VE ÖDEMELER.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
BELGELER VE ÖDEMELER.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
BELGELER VE ÖDEMELER.exe
-
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-