snakekeylogger | 218fa15ef4b6910a7dd996ed0b54df8dfae8f174013b4214971c91787654f7a4 | Triage

Submit
Reports

Overview

overview

Static

static

Scan document.exe

windows7_x64

Scan document.exe

windows10_x64

Sharing

General

Target

Scan document.exe
Size

667KB
Sample

210114-zkw9x9wt56
MD5

3ae1b28cf2f2909ed5c5451653017a0a
SHA1

726aaf44fb0761703f5044c858fe03644edc0063
SHA256

218fa15ef4b6910a7dd996ed0b54df8dfae8f174013b4214971c91787654f7a4
SHA512

3b133df737f66cfc8b54fd392a6b5a72a139e4f7d691ddd0674cecda5dd1cfaa2b583a1188bfad536318985ecb1f89d02fc778720b4ff19ba4b8cbfe8f4dfa0c

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Scan document.exe

Resource

win7v20201028

snakekeylogger keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Scan document.exe

Resource

win10v20201028

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.yandex.ru
Port:
587
Username:
[email protected]
Password:
internationallove147

Targets

- Target
  
  Scan document.exe
- Size
  
  667KB
- MD5
  
  3ae1b28cf2f2909ed5c5451653017a0a
- SHA1
  
  726aaf44fb0761703f5044c858fe03644edc0063
- SHA256
  
  218fa15ef4b6910a7dd996ed0b54df8dfae8f174013b4214971c91787654f7a4
- SHA512
  
  3b133df737f66cfc8b54fd392a6b5a72a139e4f7d691ddd0674cecda5dd1cfaa2b583a1188bfad536318985ecb1f89d02fc778720b4ff19ba4b8cbfe8f4dfa0c
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy