MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e28d4bfe77b2aee9dbf967b054ad90fb24eeaebd921869dc6a9660bc32d4b2a9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SnakeKeylogger


Vendor detections: 4



SHA256 hash: e28d4bfe77b2aee9dbf967b054ad90fb24eeaebd921869dc6a9660bc32d4b2a9
SHA3-384 hash: e1ad26539213dd750d76148e8ab88ccd6a3ccbffba16677147fa40f70dd661cacd9fe5400abcc1ff017ce78a020a4267
SHA1 hash: ef675d1cca5a7221fd8d6e28ac5574021ccc3627
MD5 hash: 9e51db4a84183e003dded0a85bc88a10
humanhash: hamper-island-undress-texas
File name: COMPANY DATA.iso
Signature: SnakeKeylogger
File size: 1'376'256 bytes
First seen: 2021-02-23 15:55:31 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 12288:MEMYLmsUN8duwV3mKcF9Y4Xk3QPiCGgBJhIPOF/ZAvoHBEN/SGgY8/P0VsfHRcB+:MEMkrduK3szm+MdM
TLSH: 9A557CB7D348C6E6CED015F8920F9E935611BFCF80D066C8AADEB03BA378561D1D8991
Reporter: abuse_ch
Tags: iso SnakeKeylogger


abuse_ch
Malspam distributing SnakeKeylogger:

HELO: sv851.xserver.jp
Sending IP: 157.112.176.52
From: Hatami <hatami@amatatrade.com>
Subject: Fwd: QUOTE
Attachment: COMPANY DATA.iso (contains "IMG_0352_Scanned.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 89
Origin country: n/a

Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Threat name: Win32.Trojan.AgentTesla
Status: Malicious
First seen: 2021-02-23 13:59:49 UTC
AV detection: 10 of 47 (21.28%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

iso e28d4bfe77b2aee9dbf967b054ad90fb24eeaebd921869dc6a9660bc32d4b2a9

(this sample)

Dropping: SnakeKeylogger
Delivery method: Distributed via e-mail attachment
