General

  • Target

    2040-64-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    62de669de117f053fbac368d8d4b78b5

  • SHA1

    4328d6e662ead29edccab9139a03dd233e45d1ce

  • SHA256

    e7c183cd43db164c5da64f23060a8a3e92e045394f3600b0c3e61a24d4c21ce6

  • SHA512

    4e4017ba57e209a78cdc27e37595d21ea2e0e1958d323f18988c829a4b9bdd5aa82ab40d042cfd92b0846d28b6a86315d906764e1c427f6af05898d76d4ae0ed

  • SSDEEP

    1536:mtMpEqKKbwmEmnsk4HEQnI/bT4IhUTdNCG1tbKualdSjNIEpiO5BAvi1YVF0Kcl:mtMK5KcLkgMbTAPtbfEAj2ufBO62FbY

Malware Config

  • Extracted

    Family
    snakekeylogger

    C2
    https://api.telegram.org/bot5412042498:AAH4OVSAlB-9yvO0MxObTPVF8mPej6Ln4M4/sendMessage?chat_id=5573520537

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2040-64-0x0000000000400000-0x0000000000426000-memory.dmp

    .exe windows:4 windows x86 arch:x86

    Headers

    Sections