General
-
Target
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
-
Size
688KB
-
Sample
240515-t5trysab39
-
MD5
77e2c5eb5d30384a28a9753a65429207
-
SHA1
008040f2028ca916740b094f1fe48d9407275c01
-
SHA256
0c6f1bcf43a35693e41ebf7ec6c9094b1452837dba3cd2c411ff54f1996dfc4b
-
SHA512
2785e49d9c3c7b252d40008a50ec579c2d565b4ed69a860afa33e14cd1abc089240fed0fe651c6b872539f7b9b4a0339fb831aa0282798cb94a56a9e0b0766c8
-
SSDEEP
12288:SWX+3u/kZGtdZaWLGbKAOiD+bRHZq+KSnk3+kOLv49im7QTkeiJW+D0nvIZvm3GO:NO3u/kstdZVLGOAADq6kOkOE9imN29Q2
Static task
static1
Behavioral task
behavioral1
Sample
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
Resource
win7-20240220-es
Behavioral task
behavioral2
Sample
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
Resource
win10v2004-20240508-es
Behavioral task
behavioral3
Sample
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
Resource
win7-20240508-es
Behavioral task
behavioral4
Sample
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
Resource
win10v2004-20240226-es
Behavioral task
behavioral5
Sample
ORDEN DE COMPRA URGENTE pdf.exe
Resource
win7-20240221-es
Behavioral task
behavioral6
Sample
ORDEN DE COMPRA URGENTE pdf.exe
Resource
win10v2004-20240426-es
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.gbogboro.com
Port: 587
Username: [email protected]
Password: Egoamaka@123
https://scratchdreams.tk
Targets
-
-
Target
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
Score: 1/10
-
-
Target
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f.zip
-
Size
688KB
-
MD5
12aa927df35423dbe91b5292984eece2
-
SHA1
3b24ba04f86ba0c775b03be74a5065c792656e93
-
SHA256
e1f978caa52bea250231b81984e7e093a870c648267a1929a6b0f7c15471719f
-
SHA512
2a2eede8f39adfae3c5ee60357b262575463d9be09b40b2b63a1d526102850c34efe24397f2705769aa2b894cd2dbde3dd13c35223d7b165e2ef5e2570f70098
-
SSDEEP
12288:9x6I7b+YmuED5xWW8vpsfgRALroJMpxsk9eyGIjX68J5KWxonptdWeKtD:iYdmNDtfFLXgcqK5EpnWRx
Score: 1/10
-
-
Target
ORDEN DE COMPRA URGENTE pdf.exe
-
Size
1.1MB
-
MD5
56c2e79168a27d15ada4499a0c3feec9
-
SHA1
7797ea5dc3cd1191d5ebb051f62f79849b6835ce
-
SHA256
0a6f0b8ace6e7a43bc35e80cee2d7769c4ef3a994b4d38cd4bf7978dfc97c7e8
-
SHA512
426625985be91c443716a9f68ffdc6667cc5129e2ee4ef554472ab43f8c9a3c037dbc8d9591d99827b0f7fc27c22fb9e793c4a3a947158ca2866df52b166e0f6
-
SSDEEP
12288:agdVYTTZEcmgH5KqlyGNb5AdER2wOBgNAXrO50Zx0k3eOGIRl6QJn0WpoJpx5oCH:agdVYhHQqcE2BbX/QCc2VUprodc
Score: 10/10
Snake Keylogger payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-