General

  • Target

    6_stage4exe.zip

  • Size

    45KB

  • MD5

    650e71f1384ee29fd33e354de1abed65

  • SHA1

    4bcd282b3700caf4b7a8533f4fdcc26e81d6322e

  • SHA256

    577c27620d9d8988a19a7829103c3ea9dd699d6dd054de17e5b0adc196ee5061

  • SHA512

    dc5ac1b88ff356f606f76921946e78fd1fe7597f86455e05dc56822fc3e1dd49fc8bf47c1d000f10445b07f60bb89fff6b8139231d06d18380fb7235c8cf9093

  • SSDEEP

    768:bJQpTyuq+xF51363cdLZDau2yG6MuwuSRNcwtFJz+z7GaMKdcqzHx0/d7GTL4h2s:iTyGxX1CcZMQMuwuUt+zTbW9GTpVZbTI

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    us2.smtp.mailhostbox.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    UWzDeXWsD8

Signatures

  • Snake Keylogger payload (1 IoC)
  • Snakekeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6_stage4exe.zip
    .zip

    Password: infected

  • lfwhUWZlmFnGhDYPudAJ.bin
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

