General
-
Target
2024-9-0x0000000000420000-0x0000000000446000-memory.dmp
-
Size
152KB
-
Sample
240508-jnxr6scf78
-
MD5
50d4fbf24bb86f25398560082858a65f
-
SHA1
6ed0d12ce1b171ac3c927d82a0ac15c0fb6b3657
-
SHA256
016753cbb4ae4df7813b6147047b557adbaa5edba542f689ac5ef55650782401
-
SHA512
b4f545a9ff34f176cf9178eacf5fbe1af8a2aad82572dea3a762a10948a8a2c1831f9426f4dd22f9a2e80780ddee0290f8b8b430b3f558b1d0485fc6b82a041f
-
SSDEEP
3072:uTFXvgupk2iBNUk5PMLZeEqBuCbQFSV3IsQfwvxL/N4gbY:W4upTiB5V0Cb1NBb
Behavioral task
behavioral1
Sample
2024-9-0x0000000000420000-0x0000000000446000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-9-0x0000000000420000-0x0000000000446000-memory.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
mail.marinasands.gr - Port:
587 - Username:
[email protected] - Password:
;lHJ#%M!iBh- - Email To:
[email protected]
https://scratchdreams.tk
Targets
-
-
Target
2024-9-0x0000000000420000-0x0000000000446000-memory.dmp
-
Size
152KB
-
MD5
50d4fbf24bb86f25398560082858a65f
-
SHA1
6ed0d12ce1b171ac3c927d82a0ac15c0fb6b3657
-
SHA256
016753cbb4ae4df7813b6147047b557adbaa5edba542f689ac5ef55650782401
-
SHA512
b4f545a9ff34f176cf9178eacf5fbe1af8a2aad82572dea3a762a10948a8a2c1831f9426f4dd22f9a2e80780ddee0290f8b8b430b3f558b1d0485fc6b82a041f
-
SSDEEP
3072:uTFXvgupk2iBNUk5PMLZeEqBuCbQFSV3IsQfwvxL/N4gbY:W4upTiB5V0Cb1NBb
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-