General
-
Target
1180-59-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
67fc5a103a7efc143e25dcc6086a31d6
-
SHA1
044398db4f4a72e9eeb27720c99a9c9206ca73a3
-
SHA256
216185a8e12dd0ef4b3bff949c5960c0d80ead971f3debe904fac982b63a2be9
-
SHA512
158bfb1834cee842c3972600494daf76a9fee7932a54512c1b081fc4cc7b9ad00fd194cd2ef467d987117bbd37493b949296f22cc6800c2aecd534fef787278f
-
SSDEEP
1536:IRrwmsAr70SGWoiebN+vBUFrlYYx272rXef5pPH8fMFdo3F6+PowACb/z1RrAxpj:IRrwmF3NoieZx2W31wnCb71JAjwBaT
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
mail.maxbilt.com.au - Port:
587 - Username:
[email protected] - Password:
M4xbiltS4les - Email To:
[email protected]
C2
https://api.telegram.org/bot6090917571:AAGiFqTFYfI5BI87xR6Qa3aohn9a4CjnJcQ/sendMessage?chat_id=6082978649
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1180-59-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections