snakekeylogger | 438fdfe2373cc3461f9294fab147d74beae972ad80620002d60ccd6f27f8c966 | Triage

Submit
Reports

Overview

overview

Static

static

000900000000900.exe

windows7_x64

000900000000900.exe

windows10_x64

Sharing

General

Target

000900000000900.exe
Size

958KB
Sample

210119-yrat1s1yex
MD5

9986f70e963e69f4e25ec67cc0a0b66a
SHA1

0f3c4623479f32e809212b08d32b944ffc522857
SHA256

438fdfe2373cc3461f9294fab147d74beae972ad80620002d60ccd6f27f8c966
SHA512

a23c62e62bd7fafd8b40611847c893cba459e3db794678d3fdc7b5208b789b32b30fac332b8cfef03a9bff76c83391bece184a11b46aed80b3b80aab389c295f

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

000900000000900.exe

Resource

win7v20201028

snakekeylogger keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

000900000000900.exe

Resource

win10v20201028

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  000900000000900.exe
- Size
  
  958KB
- MD5
  
  9986f70e963e69f4e25ec67cc0a0b66a
- SHA1
  
  0f3c4623479f32e809212b08d32b944ffc522857
- SHA256
  
  438fdfe2373cc3461f9294fab147d74beae972ad80620002d60ccd6f27f8c966
- SHA512
  
  a23c62e62bd7fafd8b40611847c893cba459e3db794678d3fdc7b5208b789b32b30fac332b8cfef03a9bff76c83391bece184a11b46aed80b3b80aab389c295f
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Drops startup file
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy