General
Target: 9e5762b0fb425b6e9b9e886e9f7c517d02928b3d355755fcf4e28a2ac8ceefa2.exe
Size: 607KB
Sample: 240524-nwmpdsfg9w
MD5: ac78d040e052a079b89378bacbb2d5df
SHA1: fa96990e3825fc42a17745c3232333e6cff537e2
SHA256: 9e5762b0fb425b6e9b9e886e9f7c517d02928b3d355755fcf4e28a2ac8ceefa2
SHA512: 70b7497f4272841f629764763112d0b28e1300cc91f66d044a081f4d47c7487ede52e4cf9fbfc1fa69ce00a9aef0bab005964320c63ae301594967db62f86a8a
SSDEEP: 12288:fRHI0ZuTGPV811Iyu2Cxt/zfBvpQtRBWXyWe635+urxdoT9:fpZuSPiA1FzHsPO7e0+m6Z
Static task: static1
Behavioral task: behavioral1
Sample: 9e5762b0fb425b6e9b9e886e9f7c517d02928b3d355755fcf4e28a2ac8ceefa2.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 9e5762b0fb425b6e9b9e886e9f7c517d02928b3d355755fcf4e28a2ac8ceefa2.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.gbogboro.com
Port: 587
Username: [email protected]
Password: Egoamaka@123
https://scratchdreams.tk
Targets
Target: 9e5762b0fb425b6e9b9e886e9f7c517d02928b3d355755fcf4e28a2ac8ceefa2.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext