General
-
Target
e9054f4014dfecd8d77edd15779b91ed_JaffaCakes118
-
Size
123KB
-
Sample
240409-c4w29afe7z
-
MD5
e9054f4014dfecd8d77edd15779b91ed
-
SHA1
cc964b02c712a3164a03c11a4713bb3f0d302fdf
-
SHA256
111549fba23f6124b48a1cefe288eac3f35d2ef71cdef03e806283dfcc66b6a8
-
SHA512
47c5d84ab581b8357d2959789532ad864da18e5eb3e2e0598d47eb2ff45ac33032612c85d65f53f614483ac78b58c7147330b8dc36605059d96e17de6d917d00
-
SSDEEP
1536:EtI36AfnDXXRlzdX9y0XSj3fKDblewdS6Opzfb/an8NFL9KpiOWBBcC:EtWXZ9yESj3fKDblFSDxbSi98wBBcC
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
smtp.garqwire.com - Port:
587 - Username:
[email protected] - Password:
Q3Sh{0!ojsq{ - Email To:
[email protected]
Targets
-
-
Target
e9054f4014dfecd8d77edd15779b91ed_JaffaCakes118
-
Size
123KB
-
MD5
e9054f4014dfecd8d77edd15779b91ed
-
SHA1
cc964b02c712a3164a03c11a4713bb3f0d302fdf
-
SHA256
111549fba23f6124b48a1cefe288eac3f35d2ef71cdef03e806283dfcc66b6a8
-
SHA512
47c5d84ab581b8357d2959789532ad864da18e5eb3e2e0598d47eb2ff45ac33032612c85d65f53f614483ac78b58c7147330b8dc36605059d96e17de6d917d00
-
SSDEEP
1536:EtI36AfnDXXRlzdX9y0XSj3fKDblewdS6Opzfb/an8NFL9KpiOWBBcC:EtWXZ9yESj3fKDblFSDxbSi98wBBcC
Score10/10-
Snake Keylogger
Keylogger and Infostealer first seen in November 2020.
-
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-