MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e283d9308a186043d9f83bc5d3f7e15ac42bd3fecf963ef4dee7f66fed3f0415. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SnakeKeylogger

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	e283d9308a186043d9f83bc5d3f7e15ac42bd3fecf963ef4dee7f66fed3f0415
SHA3-384 hash:	d3a3ce6fb4601143c86e7b40757955c55b11a42ecf674b6c6e4f827a69914566ec742c63b16796772ae330dc866dc279
SHA1 hash:	4f14a2320066eb021ca535874935b7cd9b948a1e
MD5 hash:	0c294d5c240a295de3dd6b6fbafe196f
humanhash:	echo-equal-fruit-india
File name:	POL 495.r09
Download:	download sample
Signature	SnakeKeylogger Create hunting rule
File size:	295'444 bytes
First seen:	2021-01-29 16:35:13 UTC
Last seen:	Never
File type:	r09
MIME type:	application/x-rar
ssdeep	6144:3VR5220ZH4MVsg7MDG8RDV2JeZAfKeogTYrdhIcQUUgkw:lb220ZH1VJ7ML2o0KetTYXbQUd
TLSH	2A54234B976E722D7F82205F15D438EBE049255F71F84531E20DFDA179F923382B891A
Reporter	abuse_ch
Tags:	r09 SnakeKeylogger

abuse_ch

Malspam distributing SnakeKeylogger:

HELO: mail.nclbd.net
Sending IP: 202.4.96.212
From: Hani Mahmassani <finance@multilinkindia.com>
Subject: Re: new order POL 495 28-01-21
Attachment: POL 495.r09 (contains "POL 495.exe")