General
-
Target
2176-15-0x0000000000400000-0x0000000000426000-memory.dmp
-
Size
152KB
-
MD5
f93ec8b5c8832aa1c9b3f7ab64d50ac6
-
SHA1
0248490e5811a95a2b27c2ac9e8d64f2407928b9
-
SHA256
28c8c9a979fb2d33a75fed54ab3476c1e839f0e67b98f1135360e47057e5d94d
-
SHA512
3e78fbfe145b41d145cb384433b3f6e5a87ab640e60e36f09054ed7a10aa3a184a883bf57afcf0bdd9374163b6c0bc645ab3c485cb9a910b8fe5073cad959261
-
SSDEEP
3072:nItxksC4RHxdXK1rMA13SjXaH03Xik2n4Fb0Kvvsr1wvxLx0GgbY:sksCMHx9KdCZKn4Fbz0nb
Score
10/10
Malware Config
Extracted
Family
snakekeylogger
Credentials
Protocol: smtp- Host:
valleycountysar.org - Port:
26 - Username:
[email protected] - Password:
fY,FLoadtsiF
C2
http://103.130.147.85
Signatures
-
Snake Keylogger payload 1 IoCs
-
Snakekeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2176-15-0x0000000000400000-0x0000000000426000-memory.dmp
Headers
Sections