Overview

overview

10

Static

static

3

BE-IZ-Q-12...AL.exe

windows7-x64

10

BE-IZ-Q-12...AL.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5ca8f415aea09611a9aa9d3c6bd1a2c_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240417-pwsq3sha3y

  • MD5

    f5ca8f415aea09611a9aa9d3c6bd1a2c

  • SHA1

    438276787f950bf79393b0903883fff232684e76

  • SHA256

    93e4528267157334ef0d55c3f378ce7f862c00d7c49a9215d8a7426188dda454

  • SHA512

    311884f53e7b21e0d9ddb1ed44b7e3977662502b0549bc000cb17548c5ae3e480baf4d6d827a2f9a2133ef457575c2561830f7dc8a7183e836f81e9dc9a71750

  • SSDEEP

    12288:WC3hpINYoA3P1/GyjcOgHf4uvP9H539XKfalV7T2fXOk/HmUVppUuEVCHo:WCTIN7EZVjcZHf4YbN6UV7T2fXOvOQ

Score
10/10
snakekeyloggerkeyloggerstealer

Malware Config

Extracted

Family

snakekeylogger

Credentials

Targets

    • Target

      BE-IZ-Q-1278-21 - TECHNICAL.exe

    • Size

      1.3MB

    • MD5

      9c032d7fbfdfe2064f850a9f2f0cfcaa

    • SHA1

      81633e6bb46148fff7f81330c5ca43b055f17be0

    • SHA256

      522ef9da580292e5ef0de44c4c3522f8f4fea1f4248467ff66a7d638be7a305c

    • SHA512

      50df0bb3764e014c1cdb888c5984a2c0b8439be232e90eacceeb9a517354456858a4327b0194da72facddafb4a4ace377340e54eb0919d3c2a8bf46d3d15cda7

    • SSDEEP

      12288:MC3hpINYoA3P1/GyjcOgHf4uvP9H539XKfalV7T2fXOk/HmUVppUuEVCHo:MCTIN7EZVjcZHf4YbN6UV7T2fXOvOQ

    Score
    10/10
    snakekeyloggerkeyloggerstealer

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

      stealerkeyloggersnakekeylogger

    • Snake Keylogger payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks