MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 45f5574c29491bd4958a2bbfaa0c74ba255390bbf82b9a37068ecabd39a2889e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SnakeKeylogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 45f5574c29491bd4958a2bbfaa0c74ba255390bbf82b9a37068ecabd39a2889e
SHA3-384 hash: a051ce82ed4f7ae93aaacb7465a951800601ff398bd6d312b9242982189fc9f88175585a0050a0fce4d283cfaba7b16b
SHA1 hash: 8f4693e6b4864dda951a1ff29a41adbcc0217279
MD5 hash: 1fadd7735a2738c3fb6f71841047892d
humanhash: alpha-twenty-cat-king
File name:IMG_167749pdf.iso
Download: download sample
Signature SnakeKeylogger
Create hunting rule
File size:1'835'008 bytes
First seen:2021-01-26 06:30:01 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 12288:GKDDBHfNbxpinJDjNBZTNYgaU0f63H4kIs:GKDDr/ihtNYq0fyYF
TLSH 3785E0439A674663DF32AC7B444F80898B98AD7B64A0B38EB44D33617711CB676CC87D
Reporter cocaman
Tags:iso SnakeKeylogger


Avatar
cocaman
Malicious email (T1566.001)
From: "Purchase<purchase@bhandarigroup.org>" (likely spoofed)
Received: "from bhandarigroup.org (unknown [185.222.58.142]) "
Date: "25 Jan 2021 15:01:47 -0800"
Subject: "PO FOR PVC PET STRAP(GREEN) 19.00 MM X 1.27 MM"
Attachment: "IMG_167749pdf.iso"

Intelligence

File Origin
# of uploads :
1
# of downloads :
133
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Foxhole.Iso_fs2061.UNOFFICIAL
Create hunting rule

PUA.Win.Trojan.Generic-6629274-0
Create hunting rule

Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/45f5574c29491bd4958a2bbfaa0c74ba255390bbf82b9a37068ecabd39a2889e/
Threat name:
ByteCode-MSIL.Trojan.Tnega
Create hunting rule
Status:
Malicious
First seen:
2021-01-25 04:22:23 UTC
File Type:
Binary (Archive)
Extracted files:
6
AV detection:
12 of 28 (42.86%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=ix2votbjjen5jfmkfo72udduxisvhef37avzunygr3fl2oncrcpa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/45f5574c29491bd4958a2bbfaa0c74ba255390bbf82b9a37068ecabd39a2889e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

iso 45f5574c29491bd4958a2bbfaa0c74ba255390bbf82b9a37068ecabd39a2889e

(this sample)

SnakeKeylogger

Executable exe ff68f0b8908d33ce1a3eb32cc1478e911b4e9dd853371f62a604fb366b274234

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 ff68f0b8908d33ce1a3eb32cc1478e911b4e9dd853371f62a604fb366b274234
  
Dropping
SnakeKeylogger

Comments