snakekeylogger | f8150a05d5a773b8879bd7bc37023cde597609c47bc3bb44b05f8a5677c65939 | Triage

Submit
Reports

Overview

overview

Static

static

9

910023458.exe

windows7_x64

910023458.exe

windows10_x64

Sharing

General

Target

910023458.exe
Size

586KB
Sample

210130-3cn8vk2yfn
MD5

5a4c99307108353ec3cf135aade63734
SHA1

7b5d732d3d8ae564439aa4c24dac816156901280
SHA256

f8150a05d5a773b8879bd7bc37023cde597609c47bc3bb44b05f8a5677c65939
SHA512

a5c699b3902625f321830fdce43783bec8d027488199808235df2466d90c1df7aa43683e7e590cdb024aa376be64f970156f21c1f63a990af87abda978524821

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

910023458.exe

Resource

win7v20201028

snakekeylogger keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

910023458.exe

Resource

win10v20201028

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  910023458.exe
- Size
  
  586KB
- MD5
  
  5a4c99307108353ec3cf135aade63734
- SHA1
  
  7b5d732d3d8ae564439aa4c24dac816156901280
- SHA256
  
  f8150a05d5a773b8879bd7bc37023cde597609c47bc3bb44b05f8a5677c65939
- SHA512
  
  a5c699b3902625f321830fdce43783bec8d027488199808235df2466d90c1df7aa43683e7e590cdb024aa376be64f970156f21c1f63a990af87abda978524821
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy