MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b5a5780cc95aee3f86225556d0370c2ab2b9509bfc62625eeac33249032bb1c9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SnakeKeylogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	b5a5780cc95aee3f86225556d0370c2ab2b9509bfc62625eeac33249032bb1c9
SHA3-384 hash:	f6204097cf442c8b0b1f2a0bb32dfc09d7e97d17ea0ef95cfb402568edff4188733e21ee301004fb6fad4abe2982e8f1
SHA1 hash:	c8d2d8c9649d3d86145a72934187695678b1787d
MD5 hash:	c6201e9e46581793d78fd64e4622ced3
humanhash:	chicken-iowa-illinois-alanine
File name:	0lOcArS3GwQClRz 1.z
Download:	download sample
Signature	SnakeKeylogger Create hunting rule
File size:	867'025 bytes
First seen:	2020-12-22 07:24:16 UTC
Last seen:	Never
File type:	z
MIME type:	application/x-rar
ssdeep	12288:CRb586m3Auqs9D46Y4pXh+SyQaCzNWE2Ml3P3bfxSclm3nk+KUfJ+1qRi0AzgYYu:OpmkVAxiszNW/MdDUxnk+PJlR0gDrycy
TLSH	890533A96F3448F1083B82EA434C7DEAAC8189084F7F34E14EC1719D5B90EA5DD9D77A
Reporter	abuse_ch
Tags:	SnakeKeylogger z

abuse_ch

Malspam distributing SnakeKeylogger:

HELO: WIN-D253A4F02D5
Sending IP: 185.222.58.151
From: Purchase Order<OrderDetails@trackyourorder12.com>
Subject: Purchase Order - Payment Remittance
Attachment: 0lOcArS3GwQClRz 1.z (contains "Document pdf...................exe")