General

  • Target

    2840-7-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    66837787bed389b947f543378257be66

  • SHA1

    acd7e17c407fb306503222f1902d4c508dcbe97b

  • SHA256

    c081d422b2fcf493c03ba3a179440ef0533b6bd9bb59afc339bb363696b0f163

  • SHA512

    256699c9a75cbd5af1632a76b22a63cab8ab4ca6454499f66d74a45e6f1cd2c47c10581e5360ea0a94d8647014ebf9b8572609316430e7b55be89a3194fe5312

  • SSDEEP

    3072:s99yINAgKjV545jbvk5Hbe7fMuJN07TwNumqoywlK6MPb5Z7mWxwvcXm:3INAgKjV5Cjbvk5Hbe7fMuJN07TQ/Kx

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot7356382775:AAGzxLlOmP4nJK1F3NLaz3v_kDQvFkRsOtI/sendMessage?chat_id=2135869667

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2840-7-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows:4 windows x86 arch:x86

