General
-
Target
b639e9680b5ac670c7b58863479c1cf9c7bea436aee481fa9729c6a82508e556.exe
-
Size
956KB
-
Sample
240928-b59jassgnh
-
MD5
249f4ca7f1cc801c87cebd0cdf0b398e
-
SHA1
1241f91fa9239ed0553c33f6d3651644813f6f84
-
SHA256
b639e9680b5ac670c7b58863479c1cf9c7bea436aee481fa9729c6a82508e556
-
SHA512
0b6ae1f507b5599f9fb651576e12ae378b66111193623d806f0e6266e8ee93f1fa5dedd4d4b96f3360fecc81962b76e9bacc7c1096a96df5b33fbd64aa6a18d6
-
SSDEEP
24576:uRmJkcoQricOIQxiZY1iaCW7blKPxwwZM:7JZoQrbTFZY1iaCWIC7
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
mail.teilecar.com - Port:
587 - Username:
[email protected] - Password:
Manta924porsche=911 - Email To:
[email protected]
Targets
-
-
Target
b639e9680b5ac670c7b58863479c1cf9c7bea436aee481fa9729c6a82508e556.exe
-
Size
956KB
-
MD5
249f4ca7f1cc801c87cebd0cdf0b398e
-
SHA1
1241f91fa9239ed0553c33f6d3651644813f6f84
-
SHA256
b639e9680b5ac670c7b58863479c1cf9c7bea436aee481fa9729c6a82508e556
-
SHA512
0b6ae1f507b5599f9fb651576e12ae378b66111193623d806f0e6266e8ee93f1fa5dedd4d4b96f3360fecc81962b76e9bacc7c1096a96df5b33fbd64aa6a18d6
-
SSDEEP
24576:uRmJkcoQricOIQxiZY1iaCW7blKPxwwZM:7JZoQrbTFZY1iaCWIC7
Score10/10-
Snake Keylogger
Keylogger and Infostealer first seen in November 2020.
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-