General
-
Target
QUOTATION_NOVQTRA071244·PDF.scr.exe
-
Size
404KB
-
Sample
241121-pb6gfasfmm
-
MD5
c62fb9bd9189ed019db81d5cec1ee11b
-
SHA1
1eda85cc204de90b33edddb1d8dfdf59a3dae847
-
SHA256
9c891264b004f469657e84658ba1d82d2365d9a76cfe7e18cefb2a8e0ccdb1a3
-
SHA512
99d1691a5c87237bc6faafe3ffd2f6a7e45c65805d5f527db62d4c3da0e4255c9924a1b47ecde11aff00f8dfbbf89de43f81ce650dbce114cf38bf437455be83
-
SSDEEP
1536:/v12J7YRB+RdtZTQj+AcC0VFQVQsjY30+NNU3PDQ7qPpqOLy0uyL+f1:129seA1Y3h6EYuyA
Static task
static1
Behavioral task
behavioral1
Sample
QUOTATION_NOVQTRA071244·PDF.scr.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
QUOTATION_NOVQTRA071244·PDF.scr.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
gator3220.hostgator.com - Port:
587 - Username:
[email protected] - Password:
ABBjy5ce)hyxmj99w - Email To:
[email protected]
Targets
-
-
Target
QUOTATION_NOVQTRA071244·PDF.scr.exe
-
Size
404KB
-
MD5
c62fb9bd9189ed019db81d5cec1ee11b
-
SHA1
1eda85cc204de90b33edddb1d8dfdf59a3dae847
-
SHA256
9c891264b004f469657e84658ba1d82d2365d9a76cfe7e18cefb2a8e0ccdb1a3
-
SHA512
99d1691a5c87237bc6faafe3ffd2f6a7e45c65805d5f527db62d4c3da0e4255c9924a1b47ecde11aff00f8dfbbf89de43f81ce650dbce114cf38bf437455be83
-
SSDEEP
1536:/v12J7YRB+RdtZTQj+AcC0VFQVQsjY30+NNU3PDQ7qPpqOLy0uyL+f1:129seA1Y3h6EYuyA
Score10/10-
Snake Keylogger payload
-
Snakekeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-