MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2350e1e2b2e641e6da26751fef99faa95e3e91d5c892edeb08170d34ebdb8165. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SnakeKeylogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2350e1e2b2e641e6da26751fef99faa95e3e91d5c892edeb08170d34ebdb8165
SHA3-384 hash: f424d436720637274a6a1994c47e69dc07dcc081775364fd207383e026bd95431fbe8d01883477a7e9339f5b0edf7715
SHA1 hash: 8eb524500b5224cfe01f6f9c7bd25cf90706cad1
MD5 hash: 68a6ff2b2f1354e7d3a4e26e61d79199
humanhash: march-princess-leopard-west
File name:SAL-0908889000.R13
Download: download sample
Signature SnakeKeylogger
Create hunting rule
File size:8'071 bytes
First seen:2021-02-24 14:42:41 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 192:JlzrGBSfywxBYywCW6OppedpGJk/JB2QFEPWMxJM9H7:zysKUYytkIpG0JB2UEWMx+9b
TLSH AFF1B09AE471BD56C626E23415430B344B4A6DF3718E6313063B17466EB120BDE5F1B2
Reporter abuse_ch
Tags:r13 SnakeKeylogger


Avatar
abuse_ch
Malspam distributing SnakeKeylogger:

HELO: hosted-by.rootlayer.net
Sending IP: 45.137.22.52
From: Sales@bigeastequipment.com
Subject: ORDEN DE COMPRA-0353224
Attachment: SAL-0908889000.R13 (contains "SAL-0908889000.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
88
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2350e1e2b2e641e6da26751fef99faa95e3e91d5c892edeb08170d34ebdb8165/
Threat name:
ByteCode-MSIL.Downloader.BaseLoader
Create hunting rule
Status:
Malicious
First seen:
2021-02-24 14:43:05 UTC
AV detection:
8 of 46 (17.39%)
Threat level:
  3/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=eniodyvs4za6nwrgoup67gp2vfpd5eovzcjo32yic4gtj263qfsq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

zip 2350e1e2b2e641e6da26751fef99faa95e3e91d5c892edeb08170d34ebdb8165

(this sample)

SnakeKeylogger

Executable exe 6e522cba657cf758c4443cdb216d7755a1ebf509b36b6a0e78ec183ac6aa7b72

  
Dropping
MD5 c746b25a2f6a24f188bd8f2927d566ba
  
Dropping
SnakeKeylogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 6e522cba657cf758c4443cdb216d7755a1ebf509b36b6a0e78ec183ac6aa7b72

Comments