General
-
Target
832-64-0x0000000000400000-0x0000000000424000-memory.dmp
-
Size
144KB
-
MD5
6f6bd09c5d8d9ec577ef3525d33b3320
-
SHA1
8967befda4b9620888008e0b0b439ebcfd8fa5f2
-
SHA256
f4da4fc6a97c38ff2696490cef24fa95dfdb1cdd102b98c5ae484eab7640509c
-
SHA512
a107489a3ac9b8f3100c6bced1391a8cc7ac7953046f8c3236e71e82fdcdb0d2ba6d4b5b16f9283c040ded32d03a88b8d9a8dc6f9299380b9e55dbf33ecf8231
-
SSDEEP
1536:ptMpEvqHEIsanVdLQPqx5LdMFgm1YdOZXnMqbKuKOsqpiOWBjF0Kcl:ptMKHgLBx5L/+Y8lMqbf4cwBjFbY
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
C2
https://api.telegram.org/bot5830566856:AAGWFy9uABhntGSW37Ll1sdhis_3Sq_arBM/sendMessage?chat_id=1467583453
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
StormKitty payload 1 IoCs
-
Stormkitty family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
832-64-0x0000000000400000-0x0000000000424000-memory.dmp
Headers
Sections