Extracted

• • Target

    MR for steam DRUM-A1_pdf.exe

  • Size

    1.1MB

  • MD5

    aaa6233ad5bf1fa876ad708b2af4d7d5

  • SHA1

    caa797aaac80a8c807e8e152f280188b8b4e8819

  • SHA256

    13d4f8ebe986653a6512cace310b4927b694a5127036d85c2d1c8840634537e4

  • SHA512

    5cab1d39f1af187bc34073052e1672cee1aa131272abae98053f2273afc9f57b573517358e110dd6b56f4653ead9ab653828c80bb408f3456f3451db901a257e

  • SSDEEP

    24576:ffmMv6Ckr7Mny5QLI2klYKlUhypdA0IJF/iog:f3v+7/5QLbkl/Uhad7I9g

  Score

  10^/10

  snakekeyloggercollectiondiscoverykeyloggerstealer

  • Snake Keylogger

    Keylogger and Infostealer first seen in November 2020.

    stealerkeyloggersnakekeylogger

  • Snake Keylogger payload

  • Snakekeylogger family

    snakekeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2