General

  • Target

    1860-75-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    d9d5c5dafa6dab9ba2f0e2d0f0be7630

  • SHA1

    08719a852f84cbaee7347f052fb712232b51b250

  • SHA256

    75df030f680890a218b393e65935ec3566d35fc663f260cdd028c3c3d181dfc9

  • SHA512

    4756cbd3da18060c0f014d8f88cca31ee09e8c7d3bc83441000f378e225d2b3e212596d167994691f01070d690a0ec8fc02e0a2cb0d8429c6d54a28f6d9039cb

  • SSDEEP

    1536:itMpEvqHEIsanj0ly+G0/nE+vBUFrlY9DZKkAMFQ3nvn/bKuOL5ybQpiOWBIF0KY:itMKH7/tDZmXv/bfYUbCwBIFbY

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot5923227859:AAEYo__DCK9GpHPQHPaQXx_5mU4DPDQb_xs/sendMessage?chat_id=1965959123
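The extracted C2 is a Telegram Bot API `sendMessage` endpoint carrying the bot token and the operator's chat ID, which is how Snake Keylogger and StormKitty builds exfiltrate. The following is an added example (not the sandbox's config extractor) that pulls that URL out of a raw memory dump: it scans both the byte-for-byte view and a UTF-16LE view at both alignments, because these families are .NET and keep their strings as UTF-16 in memory. The sample dump buffer is constructed here and embeds the C2 string reported on this page.

```python
import re
from typing import Dict, Iterator, List

# Shape of the exfil URL these families use:
#   https://api.telegram.org/bot<bot_id>:<secret>/sendMessage?chat_id=<chat>
# Telegram bot tokens are <numeric bot id>:<35-char secret>; the ranges below
# are deliberately loose so minor format drift is still caught.
TELEGRAM_C2_RE = re.compile(
    r"https?://api\.telegram\.org/bot(?P<bot_id>\d{8,12}):(?P<secret>[A-Za-z0-9_-]{30,45})"
    r"/sendMessage\?chat_id=(?P<chat_id>-?\d+)"
)


def _candidate_texts(blob: bytes) -> Iterator[str]:
    """Yield the views of the dump in which an embedded URL could appear."""
    # Plain 8-bit view (ANSI / ASCII strings).
    yield blob.decode("latin-1")
    # .NET System.String is UTF-16LE; decode at both byte alignments so a
    # string starting at an odd offset is not missed.
    for start in (0, 1):
        yield blob[start:].decode("utf-16-le", errors="ignore")


def defang(url: str) -> str:
    """Make the URL safe to paste into a report without being clickable."""
    return url.replace("https://", "hxxps://").replace("http://", "hxxp://") \
              .replace("api.telegram.org", "api[.]telegram[.]org")


def extract_telegram_c2(blob: bytes) -> List[Dict[str, str]]:
    """Return every distinct Telegram bot C2 found in a memory dump."""
    seen = set()
    results: List[Dict[str, str]] = []
    for text in _candidate_texts(blob):
        for m in TELEGRAM_C2_RE.finditer(text):
            key = (m.group("bot_id"), m.group("secret"), m.group("chat_id"))
            if key in seen:
                continue
            seen.add(key)
            results.append({
                "bot_id": key[0],
                "token": f"{key[0]}:{key[1]}",
                "chat_id": key[2],
                "url_defanged": defang(m.group(0)),
            })
    return results


# Constructed sample: the C2 reported on this page, stored as a .NET-style
# UTF-16LE string at an odd byte offset inside some filler bytes.
SAMPLE_C2 = ("https://api.telegram.org/bot5923227859:AAEYo__DCK9GpHPQHPaQXx_5mU4DPDQb_xs"
             "/sendMessage?chat_id=1965959123")
SAMPLE_DUMP = b"\x00" * 16 + b"padding" + SAMPLE_C2.encode("utf-16-le") + b"\x00\x00" + b"\xff" * 8

if __name__ == "__main__":
    for ioc in extract_telegram_c2(SAMPLE_DUMP):
        print(ioc)
```

The token is the credential: anyone holding it can read the bot's inbox and message the operator's chat, so it belongs in a blocklist as a defanged IoC, not in a ticket as a live link. A network detection on `api.telegram.org` alone is noisy where Telegram is in legitimate use; matching on the `/bot<digits>:<secret>/sendMessage` path pattern from a non-browser process is far more specific.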

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
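The "Unsigned PE" signature fires when the PE header carries no Certificate Table (data directory entry 4, IMAGE_DIRECTORY_ENTRY_SECURITY). The following added example (not the sandbox's own check) implements that test directly from the headers so it can be run on a dumped image without pefile; the `build_minimal_pe` helper is a constructed fixture that produces the smallest header set the check needs and is not a real binary. One caveat for this artifact type: the certificate blob is appended to the file and never mapped into the process image, so on a memory dump only the directory entry survives; a non-zero entry therefore means "was signed on disk", not "signature present and verifiable".

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Certificate Table entry
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def has_authenticode(data: bytes) -> bool:
    """True if the PE headers point at a non-empty Certificate Table.

    Walks DOS header -> NT signature -> COFF header -> optional header and
    reads data directory entry 4. Raises ValueError on malformed input rather
    than guessing.
    """
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (size_of_optional,) = struct.unpack_from("<H", data, coff + 16)
    opt = coff + 20  # COFF file header is 20 bytes
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == PE32_MAGIC:
        nrva_off, dd_off = 92, 96
    elif magic == PE32PLUS_MAGIC:
        nrva_off, dd_off = 108, 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    if size_of_optional < dd_off + 8 * (IMAGE_DIRECTORY_ENTRY_SECURITY + 1):
        return False  # optional header too short to hold the entry
    (num_rva,) = struct.unpack_from("<I", data, opt + nrva_off)
    if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False  # directory table does not reach the security entry
    # For this entry VirtualAddress is a file offset, not an RVA.
    offset, size = struct.unpack_from("<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return offset != 0 and size != 0


def build_minimal_pe(signed: bool, pe32plus: bool = False) -> bytes:
    """Constructed fixture: DOS stub + NT headers only, no sections or code."""
    opt_size = 240 if pe32plus else 224  # 112/96 fixed bytes + 16 directories
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    machine = 0x8664 if pe32plus else 0x14C
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    nrva_off, dd_off = (108, 112) if pe32plus else (92, 96)
    struct.pack_into("<I", opt, nrva_off, 16)
    if signed:
        # Point the Certificate Table at a hypothetical appended blob.
        struct.pack_into("<II", opt, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x2000, 0x600)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    print("signed   :", has_authenticode(build_minimal_pe(signed=True)))
    print("unsigned :", has_authenticode(build_minimal_pe(signed=False)))
```

Absence of a signature is a weak signal on its own (most commodity malware and plenty of legitimate tooling is unsigned); it becomes useful in combination with the family detections above and with the fact that this region was dumped from a running process rather than read from disk.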

Files

  • 1860-75-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows:4 windows x86 arch:x86