General
Target: list of items.exe
Size: 613KB
Sample: 240508-jkyv3ace25
MD5: 8efc17bf06286d73ab38a42c72707869
SHA1: fa8d5bef0807c0bcd2009989812562a7976bbcaf
SHA256: 1f9bb30664b00d710ecedcdd485de690c25e38199c86fc2fe350c7e11c660fd4
SHA512: 608edf8de51cb9430ad40848df5e80b4c61dd8d361f94cd07499f1d59c17f7f44c90ad1d2850e5f1d90e9f286769fc16adba25049fb700d73d0f14b926a0f0ec
SSDEEP: 12288:UVniETpbNEh7Uh2iW1Xlb6NmUND9vFtXEg6lKGHNWulRyskR:W7bN07Uh2F1ENmUPfmMGtNyb
Static task: static1
Behavioral task: behavioral1
  Sample: list of items.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: list of items.exe
  Resource: win10v2004-20240419-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.marinasands.gr
Port: 587
Username: [email protected]
Password: ;lHJ#%M!iBh-
Email To: [email protected]
https://scratchdreams.tk
Targets
Target: list of items.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext