MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ae3fcb18e6fc63497e3c1484f517e009de7e20c75ad1d94033fe9714ca2ada12. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SnakeKeylogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ae3fcb18e6fc63497e3c1484f517e009de7e20c75ad1d94033fe9714ca2ada12
SHA3-384 hash: 8627474564981d362da82f8e908a5c82ca258d0b52f4bdfa85da1920923d64e8cdafc9611c5f3f6ea30b39153b12c498
SHA1 hash: 966aec97bd7d71d54b33db8941e1b26d84f1198e
MD5 hash: 990ecfdec5d1cc364677ee2b02ca80a4
humanhash: king-tango-golf-iowa
File name:PR Number 21Y493-KR CALIBRATION.img
Download: download sample
Signature SnakeKeylogger
Create hunting rule
File size:1'835'008 bytes
First seen:2021-03-22 07:32:37 UTC
Last seen:Never
File type: img
MIME type:application/x-iso9660-image
ssdeep 12288:l+A4BYNJNkQs4eJrzQ212A049fkRfJxsiYjeBRbwwtT1UzYuIS01Rkg72W41gZIL:l8YN1qpU21VIJxQjeDvOYuk1v
TLSH 6685290962EC7FC8E23A17746575405587F5F50ADA36DBADFD90408A0A62B03BFB3722
Reporter abuse_ch
Tags:img SnakeKeylogger


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: onikom.com.mx
Sending IP: 52.24.102.163
From: Kashif Aziz <tecfluid@tecfluid.com>
Reply-To: info <mt.gov@waad.com.sa>
Subject: MOST URGENT REQUEST FOR QUOTATION WITH REFERENCE -----21Y493-KR(CALIBRATION)
Attachment: PR Number 21Y493-KR CALIBRATION.img (contains "PR Number 21Y493-KR (CALIBRATION).exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
116
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.PackedNET.594.11018.16040.UNOFFICIAL
Create hunting rule

Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ae3fcb18e6fc63497e3c1484f517e009de7e20c75ad1d94033fe9714ca2ada12/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=vy74wghg7rrus7r4cscpkf7abhph4ighlli5sqbt72lrjsrk3ija._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.85
Link:
https://yomi.yoroi.company/submissions/ae3fcb18e6fc63497e3c1484f517e009de7e20c75ad1d94033fe9714ca2ada12

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

img ae3fcb18e6fc63497e3c1484f517e009de7e20c75ad1d94033fe9714ca2ada12

(this sample)

SnakeKeylogger

Executable exe 4b50cfdb80f97772bf9db74da5beaabe27ea414599f1c702c1a5014643413c97

  
Dropping
MD5 991178d1e7eeb07830957aaf4ad3e11e
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 4b50cfdb80f97772bf9db74da5beaabe27ea414599f1c702c1a5014643413c97

Comments