General

  • Target

    2664-9-0x0000000000080000-0x00000000000A6000-memory.dmp

  • Size

    152KB

  • MD5

    7809b11ec32c4346d8b0af741b6d4838

  • SHA1

    360e04b387749ac8e20c253856905521889bd868

  • SHA256

    0fe4332786dcaae6db5d7ed5bedbe8673d22b6cc99347a4c63626c5b26b51c55

  • SHA512

    0a7a4a788f0c0a4701beb3f34411f81699a64d57f3229524ba898c84f00db826728a028b250372b1eaf4fa2a6482724dbed0fa424606103ed6f8bc8784b152e5

  • SSDEEP

    3072:7b+ltb4bLN9/QybO3s+1oblusQRwvxL8E3:ktb4HN9xEobaE3

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    valleycountysar.org
  • Port:
    25
  • Username:
    [email protected]
  • Password:
    iU0Ta!$K8L51

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2664-9-0x0000000000080000-0x00000000000A6000-memory.dmp
    .exe windows:4 windows x86 arch:x86

