MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7bd7aac97d0de3e8640bb7d552ea65148933cf517d07c4cdd40b70a9d05af90c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SnakeKeylogger


Vendor detections: 5



SHA256 hash: 7bd7aac97d0de3e8640bb7d552ea65148933cf517d07c4cdd40b70a9d05af90c
SHA3-384 hash: 6f4e92478215738e88fe0c98bcfcd521b6836a988144d56eda700327deb5aeff7ea3f86dd3e19e44328031db4577612b
SHA1 hash: 44d261b2f2b23c1884f3dd4cefe76fd66580293c
MD5 hash: a471894e6297e8fb0d7996b59f47e3c5
humanhash: purple-shade-grey-lima
File name: IMG_40317.img
Signature: SnakeKeylogger
File size: 2'097'152 bytes
First seen: 2021-01-20 06:31:51 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 12288:uy50jwcEc6tgGujMLFubuS0Bis9JC2cxgEIRMOz01As6fnjp+1c:D08cEc6tE4I2CvaMOz011UU
TLSH: 37A5CF0692164693E5143C7A842F2F9443449BBE3893D397B80D7763FB92FCC6A825F9
Reporter: abuse_ch
Tags: img, SnakeKeylogger, Strato


abuse_ch
Malspam distributing unidentified malware:

HELO: mo4-p04-ob.smtp.rzone.de
Sending IP: 85.215.255.121
From: Shehani Melisheya <info@valevla.com>
Reply-To: info@valevla.com
Subject: Re: Booking Request
Attachment: IMG_40317.img (contains "IMG_40317.pdf.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 166
Origin country: n/a

Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Threat name: Win32.Trojan.Zmutzy
Status: Malicious
First seen: 2021-01-20 06:32:09 UTC
AV detection: 11 of 45 (24.44%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

img 7bd7aac97d0de3e8640bb7d552ea65148933cf517d07c4cdd40b70a9d05af90c (this sample)

Delivery method: Distributed via e-mail attachment
