MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fc57e39646cf1aed82bebee0f89a847a30a400ebebc3f8f3594d995d602eca6c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SnakeKeylogger


Vendor detections: 4



SHA256 hash: fc57e39646cf1aed82bebee0f89a847a30a400ebebc3f8f3594d995d602eca6c
SHA3-384 hash: 3355208b34b9b368f9558e567d5d35ad287772006b43d6d1399adffa71f3840fc92e2f9abe2aed4c3005b00eb59c5e88
SHA1 hash: 4db7a703f29675d12a1ec39de340c5bcfbb1a0bc
MD5 hash: b5d567316fcc5fd7524b7a00acab4d6b
humanhash: nuts-zebra-helium-east
File name: IMG_5032doc.img
Signature: SnakeKeylogger
File size: 1'835'008 bytes
First seen: 2021-02-15 06:54:13 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 12288:BfxhGT/f7DSvWN1JuigLYVlaf+dhKeVnVBAzzfCwTs4zMqwQLKZPgH1CPmj1W06r:BWzHSvi7AYaf+dk+gz2wTsCNge1strr
TLSH: 5385F113A562C611CC35593AC45EC0F557F86E1A78A0C38BB88D7BA33B70D4F7788969
Reporter: abuse_ch
Tags: img SnakeKeylogger


abuse_ch
Malspam distributing SnakeKeylogger:

HELO: gl-host101.tenten.cloud
Sending IP: 150.95.111.186
From: Paramount Express Agencies Sdn Bhd / Paramount Logistics Sdn. Bhd. <sungkwangmedtech@gmail.com>
Subject: REQUEST FOR QUOTATION(RFQ)
Attachment: IMG_5032doc.img (contains "IMG_5032doc.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 114
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Threat name: ByteCode-MSIL.Trojan.Zmutzy
Status: Malicious
First seen: 2021-02-15 06:55:07 UTC
AV detection: 9 of 46 (19.57%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

SnakeKeylogger

img fc57e39646cf1aed82bebee0f89a847a30a400ebebc3f8f3594d995d602eca6c (this sample)

Dropping: SnakeKeylogger
Delivery method: Distributed via e-mail attachment
