General

  • Target

    908016eddd0dc90bb69c0ff9f8560d68.bin

  • Size

    47KB

  • MD5

    9afe4a2ee1175f491b6d05eee138825e

  • SHA1

    4f0ae98eedad168248ff8dbc3609928e5b7f247a

  • SHA256

    52b9cb2e901a8e0694e91144adb2fedef716654ae65c05cdcca298fd3fb9044e

  • SHA512

    aa6f6676ba699e3f44bf1579d151333e9eba95e6521c391bd18a3d98cf5e72fa82cac91aa4b1c0ee573c8223a47195c09af6066c52f815a6e1f49211535041df

  • SSDEEP

    768:8wW75pU+TjDC0deHKjFHoXdpQMG+l7UiA0sdgI0UTKP9N+eJwTfu/VE1lESPXDxJ:8wGVTj+2YzQMrJagfkC+fiEVPDxJ

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    mail.privateemail.com
  • Port:
    587
  • Username:
    maxsales@maxvaluen.com
  • Password:
    123456
  • Email To:
    maxinfo@maxvaluen.com

C2

https://scratchdreams.tk

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 908016eddd0dc90bb69c0ff9f8560d68.bin
    .zip

    Password: infected

  • 6d3b249ec17de0b830b6d21a2a5bc6b4b15c99cc78c05d34ca414e09dea1d9d6.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

