MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 47f4843c3dbfa0d801e05161c5891aedd252a09aef20e5b4c0b420f599456dec. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SnakeKeylogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 47f4843c3dbfa0d801e05161c5891aedd252a09aef20e5b4c0b420f599456dec
SHA3-384 hash: 338df8d86ab50d5a30bf47cfb90a20be07718456d127f5bca13541a01e4318cc3ec71584194700e50b5905a8a039dc90
SHA1 hash: fa4b8277de626b6d91e92a4c9393546920ea7329
MD5 hash: 3c92dd00fa34486aa4048e914996f4e9
humanhash: washington-jig-ceiling-yankee
File name:INV CONFIRMATION.ace
Download: download sample
Signature SnakeKeylogger
Create hunting rule
File size:564'356 bytes
First seen:2021-02-10 06:20:44 UTC
Last seen:2021-02-10 07:09:16 UTC
File type: ace
MIME type:application/octet-stream
ssdeep 12288:WaAj/THSmJpG0II9lG8RxTzqoyOEjXkFmhusVgAQ:Wj+iG0pXzxTG1OEgFm1mT
TLSH 59C42344AAB7B85F5153E8FA0FF4FD4E2C40AE9C107AE3D0482E627419871FB899875C
Reporter cocaman
Tags:ace SnakeKeylogger

Intelligence

File Origin
# of uploads :
3
# of downloads :
78
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.25738.AceHeur.Exe.UNOFFICIAL
Create hunting rule

Sanesecurity.Malware.25166.AceHeur.Exe.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Suspicious-ACE-exe.UNOFFICIAL
Create hunting rule

Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/47f4843c3dbfa0d801e05161c5891aedd252a09aef20e5b4c0b420f599456dec/
Threat name:
Win32.Infostealer.Fareit
Create hunting rule
Status:
Malicious
First seen:
2021-02-10 04:25:52 UTC
File Type:
Binary (Archive)
Extracted files:
17
AV detection:
14 of 47 (29.79%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=i72iipb5x6qnqapakfq4lci25xjffie254qolngawqqplgkfnxwa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/47f4843c3dbfa0d801e05161c5891aedd252a09aef20e5b4c0b420f599456dec

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

zip c6cf964f44ab8812f5eaeb1ae37fd1193b4e0cdd80142682a344de1f650e904c

SnakeKeylogger

ace 47f4843c3dbfa0d801e05161c5891aedd252a09aef20e5b4c0b420f599456dec

(this sample)

SnakeKeylogger

Executable exe 0f651ba14b0d8a07828c32cc6a22cc5f624a92292be93a6b4773cbcad935bc1c

  
Delivery method
Other
  
Dropped by
SHA256 c6cf964f44ab8812f5eaeb1ae37fd1193b4e0cdd80142682a344de1f650e904c
  
Dropping
SHA256 0f651ba14b0d8a07828c32cc6a22cc5f624a92292be93a6b4773cbcad935bc1c
  
Dropping
MD5 02fd5912c6eac9a6456704470ea4832b

Comments