MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c02b86f47011d7fe6e18adc1a6d105c439c9a476c217d7e625690affef2edf35. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SnakeKeylogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c02b86f47011d7fe6e18adc1a6d105c439c9a476c217d7e625690affef2edf35
SHA3-384 hash: 40dd3dac6509170344c07ccc0f3e743afac317bbf793a4854a85dfbc577332a9d1d1d6ed287f94f6a53114e05de835d2
SHA1 hash: 7bc45702ca5e0ae42d45ba60e67c9140a48fdbbb
MD5 hash: e77c0387f0f0f1ab393c5c43e22220c5
humanhash: speaker-paris-single-montana
File name:Invoice Number T6077635.pdf.gz
Download: download sample
Signature SnakeKeylogger
Create hunting rule
File size:240'391 bytes
First seen:2021-02-07 07:21:02 UTC
Last seen:Never
File type: gz
MIME type:application/gzip
ssdeep 6144:hMuYxQTd023Ix9phQ2KiUFlKbtKMvT/ICWWOycNC+:yqTdjcp1HVrvbICt+
TLSH 5134124E264272B0E46FF2F9284BF85190C1A5891E50DDEE2982DCB2FE7B15F4964F06
Reporter abuse_ch
Tags:gz


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: hosted-by.rootlayer.net
Sending IP: 45.137.22.107
From: opteam@neuron.ae
Subject: Request Invoice
Attachment: Invoice Number T6077635.pdf.gz (contains "Invoice Number T6077635.pdf.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
208
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.GenericKD.36310601.9382.10013.UNOFFICIAL
Create hunting rule

Result
Verdict:
UNKNOWN
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c02b86f47011d7fe6e18adc1a6d105c439c9a476c217d7e625690affef2edf35/
Threat name:
ByteCode-MSIL.Trojan.SnakeKeylogger
Create hunting rule
Status:
Malicious
First seen:
2021-02-07 07:21:08 UTC
AV detection:
22 of 29 (75.86%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=yavyn5dqchl743qyvxa2nuifyq44tjdwyil5pzrfnefp73zo342q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/c02b86f47011d7fe6e18adc1a6d105c439c9a476c217d7e625690affef2edf35

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

gz c02b86f47011d7fe6e18adc1a6d105c439c9a476c217d7e625690affef2edf35

(this sample)

SnakeKeylogger

Executable exe bf7a956dd59e896c36470f38328b0a68da5f7f8a0d42d835db501324e1daec58

  
Dropping
MD5 cea340d0902311318ae4ee12a99ec495
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 bf7a956dd59e896c36470f38328b0a68da5f7f8a0d42d835db501324e1daec58

Comments