General
Target
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e
Size
129KB
Sample
240712-fjqlhs1hna
MD5
185f33b6202bb779a46234e02ce8199b
SHA1
a67291dd0cc7fd70d78eb395b0277be770f79518
SHA256
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e
SHA512
90153d402f8970ee31d606ae4b3667d81a156463e615ac22408f1ea6a4e753ad16992a27f6626d9cc6c095e3fbcd5e3134c1dcc9bf033614dd590be71a35a268
SSDEEP
3072:eqd9klJFhj3NolU9jceaDS+bLpsrzwvxLVpaDbY:tklJHj3QaN+b/pgb
Behavioral task
behavioral1
Sample
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral4
Sample
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e.exe
Resource
win11-20240709-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.myanmarblossom.com
Port: 587
Username: [email protected]
Password: tsa211772023kyi
Email To: [email protected]
http://103.130.147.85
Targets
Target
0e8152b702c6bf11f73fa030382ee6f076fe839b48c3c490140cde948c8b2e1e
Score
10/10
- Snake Keylogger payload
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.