General

  • Target

    84c3607190367df34f54764511e8043a

  • Size

    1.2MB

  • Sample

    240131-srqmpsghcj

  • MD5

    84c3607190367df34f54764511e8043a

  • SHA1

    7b98490ebd0fa40a48198db363cefbcb7c539125

  • SHA256

    fdd736e40a5a51e56c45b86aa2f8ce729c6afea4cd9f8528427f7398e0663ae5

  • SHA512

    70db9571b5e60e0e7c16da7320f472d85eb0adc32d26ba6a8fa4fcabdfd41e2c116316662b34f74bcdb3ed882ee0fb8508ec8ee12e603807f0a781e12e96099c

  • SSDEEP

    24576:LAe676DO7fx8Dgyfx8DgI/XL5zGaIE7QYDouaimSK3QuAeXQl/GRwDZL2L:l676e58Dgy58DgI1XI4NaimSCQuA60Zy

Targets

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
