MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 16239fd023bc9cf3b827ff8e52e15b97b504eac112924550b34e38b04e44889d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SnakeKeylogger

Vendor detections: 5

Intelligence 5 IOCs YARA File information Comments

SHA256 hash:	16239fd023bc9cf3b827ff8e52e15b97b504eac112924550b34e38b04e44889d
SHA3-384 hash:	9d88419d743b1b407083e7d884b5583fec7de6f73e385c1908498e2f7f19b267f91aa49e988ffe3d658f9fde3660f1f4
SHA1 hash:	c2f55ec434bc16ee084830f643d3e52bf446f696
MD5 hash:	ff5f0a439e56b1a27ad7443ac5b671fa
humanhash:	mike-monkey-avocado-jig
File name:	090008000000000000.doc.z
Download:	download sample
Signature	SnakeKeylogger Create hunting rule
File size:	737'503 bytes
First seen:	2021-01-20 14:02:13 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	12288:e5VPcdK5ZH3FhW3RUws+VpjDquYYqWRfHaNEvvZYpHCwD6oQkemsRn6Ym2a76EGK:WUCHbWheG9quYYqW1aNmapBDEwsRn62i
TLSH	CCF423ADC849ADB300B66F732A546E01ECD2F8A61BC7CDB7D440930B7F0A585239DD99
Reporter	abuse_ch
Tags:	z

abuse_ch

Malspam distributing unidentified malware:

HELO: hosted-by.rootlayer.net
Sending IP: 45.137.22.52
From: "Sareera Nunnuck"<sales@hplanners.com>
Subject: PO-INVOICE-0900000
Attachment: 090008000000000000.doc.z (contains "090008000000000000.exe")