General
-
Target
tmp.bin
-
Size
224KB
-
Sample
240516-frmvlade38
-
MD5
8f7d66981fa8d475e952d4804d7d5164
-
SHA1
8c87eb9cfbe46084ac94a97fa5e1aa4c0832f26c
-
SHA256
96f12222784c7fc6d77e47a01af2728cf2a75587d17946533eae4496ae3f5f6e
-
SHA512
574285d99e33a7b7ebff23ae18db719c603807e094de76bd75c5d3dfebde7a9698a2e936803e850e632b4b65462f218fd9105521912538a7f609c9f0bd6f9815
-
SSDEEP
6144:5DKW1Lgbdl0TBBvjc/4Iz+oI1ofZJFiesmbT:ph1Lk70TnvjctvIejFiesgT
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
snakekeylogger
https://scratchdreams.tk
Targets
Target
tmp.bin
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-