General
Target: C0R98180T99809668.eml
Size: 153KB
Sample: 240808-lzg7zasbqn
MD5: 4dd43cd28cf4f2be9901f499fdfbc187
SHA1: 920208a90ae33b009687886609f00085be4f5ca1
SHA256: 490c6a7ecbe059cdf50cd5a218cb15f841e8064f529cbedd33592db4386efd89
SHA512: 3c4e74067412261732f6f5bb72cc14ce6ce2e86b0f3dadd3ae594dc2e6e32a84c3af6797fbf33113a8db5ac10097dd28865243302e39555e45aee35f44f5c5ec
SSDEEP: 3072:xeusf2cv/hor9Bgt9u2a5ol9nY+42m52GbVF97H6k2/P:Ri2cv/h0Bgt95vHnYlAGbVkP
Behavioral task: behavioral1
Sample: FedEx AWB 000263577955.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: FedEx AWB 000263577955.exe
Size: 270KB
MD5: cfc120bf407819279cf397b82349f981
SHA1: 02a48aa73c673adb1e0f7853a2134621915c20da
SHA256: b8d723a1c3a3fd42eebbf246571cf7704bc34001cf1a7599b0e2838957537140
SHA512: c8910a24f0ea386847824994537a8216238abac73ec242a2588d3f93a45681e86626781afa203799d7769b3d791273cca6242267d23510833f6c1a32f2246f72
SSDEEP: 3072:lRaT7BpxrdPlRH/Pc3ctX9eymsjK5aBlTpHOKpSUYmyG5EMbfPG4s0PUYTVg4i4g:8e3slTsUVyGlbnGGzb

Detects VIPKeylogger Payload
  Detects VIPKeylogger, a variant of Snakekeylogger.

Credentials from Password Stores: Credentials from Web Browsers
  Malicious access to or copy of the web browser credential store.

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.