MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7221260db6ab11d87f3763428b64d9dba0d012e57f6a50f0f9fedba753b8fd93. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SnakeKeylogger


Vendor detections: 4



SHA256 hash: 7221260db6ab11d87f3763428b64d9dba0d012e57f6a50f0f9fedba753b8fd93
SHA3-384 hash: 2665c15181fabf019ca47880d63271f511aed89f6beffeb2af347ea1ce7b847f586212192a7fa85e4adc866736e754e2
SHA1 hash: c8743fe49c26729e359491b9e098e4d0d16be4e8
MD5 hash: 95edb26c2246eab7517d1b2731d93132
humanhash: paris-mars-delta-zebra
File name: IMG_015_065_07 1.iso
Signature: SnakeKeylogger
File size: 1'245'184 bytes
First seen: 2021-03-25 10:16:39 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 768:oTQXozoqo5rIrUw69T6j5UVivTlgooQF3U85Z0GflnEGflvx/FIwJGun51u1l/Zh:Two5FIgw6cjukxgmFE858
TLSH: 594551E80AE5C4D7E92CF9B4979549DA623FAD333020852B758F40C3CB977D268D126D
Reporter: abuse_ch
Tags: iso SnakeKeylogger


abuse_ch
Malspam distributing unidentified malware:

HELO: boutontrading.com
Sending IP: 103.125.191.170
From: info<info@boutontrading.com>
Reply-To: info<xmgtsale10@gmail.com>
Subject: FW:Re: Confirm revised PO_107_526_780 to proceed with payment ASAP.
Attachment: IMG_015_065_07 1.iso (contains "IMG_015_065_07.bat")

Intelligence


File Origin
# of uploads: 1
# of downloads: 136
Origin country: n/a

Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Threat name: ByteCode-MSIL.Trojan.Bsymem
Status: Malicious
First seen: 2021-03-25 10:17:06 UTC
AV detection: 12 of 29 (41.38%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

iso 7221260db6ab11d87f3763428b64d9dba0d012e57f6a50f0f9fedba753b8fd93 (this sample)

Delivery method: Distributed via e-mail attachment
