snakekeylogger | f8c6ac7a79dbbcdf8123c48bfa0d3e4917235f489fba0824c682781802f14fc2 | Triage

Submit
Reports

Overview

overview

Static

static

0009089000900.exe

windows7_x64

0009089000900.exe

windows10_x64

Sharing

General

Target

0009089000900.exe
Size

879KB
Sample

210118-fxp9724pg6
MD5

4551c0185df582b531e333d52333d6a9
SHA1

c9c11adb1b6c8b00a3b5ebb39a1407f88e376e80
SHA256

f8c6ac7a79dbbcdf8123c48bfa0d3e4917235f489fba0824c682781802f14fc2
SHA512

b09baf8ac2820567712190893fe88c2659dc73323930e2dbec2847c303cae39d30f500bf82e68163c84ca5c0de919dfadfe0c8e48449db7d90252b2c9bde215a

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

0009089000900.exe

Resource

win7v20201028

snakekeylogger keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0009089000900.exe

Resource

win10v20201028

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0009089000900.exe
- Size
  
  879KB
- MD5
  
  4551c0185df582b531e333d52333d6a9
- SHA1
  
  c9c11adb1b6c8b00a3b5ebb39a1407f88e376e80
- SHA256
  
  f8c6ac7a79dbbcdf8123c48bfa0d3e4917235f489fba0824c682781802f14fc2
- SHA512
  
  b09baf8ac2820567712190893fe88c2659dc73323930e2dbec2847c303cae39d30f500bf82e68163c84ca5c0de919dfadfe0c8e48449db7d90252b2c9bde215a
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Drops startup file
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy