General
Target: 06052024_2339_03052024_ORDEN DE COMPRA URGENTE PARA MAYO pdf.zip
Size: 536KB
Sample: 240506-3nlvfsgf3x
MD5: ce87e4068020e1732b508e4a5bd7942f
SHA1: e60596efe40eb9f4577930992d23526534e2e55c
SHA256: 249caf4e0963bbb21a73dc675e22bb74df29fe1977924fcf9f58914abfe65af4
SHA512: 05866fb585db16a6d4bbc0801bb9c2d0aa1d8a27b73fd5a6620927924f6b634eeccbe208135bc631f020f76694c8520fcc3c63919eb43cea4ede14d80fb5b316
SSDEEP: 12288:4dz/Pj8ZsAtgEBhvsbHbGs8jgPT+amQgN4OBOQMDU:41DEB5qH98s3mQspBPOU
Static task: static1
Behavioral task: behavioral1
Sample: ORDEN DE COMPRA URGENTE PARA MAYO pdf.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ORDEN DE COMPRA URGENTE PARA MAYO pdf.exe
Resource: win10v2004-20240419-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.gbogboro.com
Port: 587
Username: [email protected]
Password: Lovelove@123
https://scratchdreams.tk
Targets
Target: ORDEN DE COMPRA URGENTE PARA MAYO pdf.exe
Size: 767KB
MD5: 9313eedbd90253a6f16e99df90fa213a
SHA1: 18635721859d55733200a416aaeebf367c7c0cb6
SHA256: 63340cc1fd3650cdc776c9e516989c10a1d3c21df9ab26137cff55b4e68fa7a2
SHA512: b1233731e81684078df129a49148a7ce8c91531143eea52a5d035cf35b78c0714f6584c3a14b2c26390c4e6b0277df5345a71583eada51a95aea64b992e65503
SSDEEP: 12288:xHR2w77F3SEftBs9T3sscDgnnk0kE6d4kpsQMZU:xHz0EfTcT7cMtkE0vppyU
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext