General
Target: 82a691d0d2c89557642dc0fc22bc2edd02461c64f2b21fd225f2993d4350b375.exe
Size: 1015KB
Sample: 240704-b4n6zaxfpj
MD5: 9b36f1a92adf3c03c596bdda4e8ba903
SHA1: a0bc8f5b57813ad72b2d95c87ce42b1abd0a4f41
SHA256: 82a691d0d2c89557642dc0fc22bc2edd02461c64f2b21fd225f2993d4350b375
SHA512: 3351c0da097559464081be12a9e44892374b914e62e07f987b514d499d8e03a80b4c509d9d26e34051ffc2bf0917dc0a635f0864182cd7b8a6ccf247bec43f92
SSDEEP: 24576:3qDEvCTbMWu7rQYlBQcBiT6rprG8aL5DLN:3TvC/MTQYxsWR7aL5P
Static task: static1
Behavioral task: behavioral1
Sample: 82a691d0d2c89557642dc0fc22bc2edd02461c64f2b21fd225f2993d4350b375.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 82a691d0d2c89557642dc0fc22bc2edd02461c64f2b21fd225f2993d4350b375.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.marinasands.gr
Port: 587
Username: [email protected]
Password: ;lHJ#%M!iBh-
Email To: [email protected]
https://scratchdreams.tk
Targets
Target: 82a691d0d2c89557642dc0fc22bc2edd02461c64f2b21fd225f2993d4350b375.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext