snakekeylogger | a821247cfbed9095b7e7686eeca6572b9e506e080861c11c25be542f163a2500 | Triage

Submit
Reports

Overview

overview

Static

static

9

Agent Stat...ro.exe

windows7_x64

Agent Stat...ro.exe

windows10_x64

Sharing

General

Target

Agent Statement CargoPro.exe
Size

576KB
Sample

210130-flhkr7hqna
MD5

b4bce8a85b776b3aadb064547eaff482
SHA1

87d05af272cef33d6bdd96acb3f2c6f34c5a1130
SHA256

a821247cfbed9095b7e7686eeca6572b9e506e080861c11c25be542f163a2500
SHA512

08c7dc539f9e435d597248b7b38af30c9df6b8e2e291ceb4fb969295f73ac64aa19a394cdc44dbd62bfc5d21cd7cd6a6806b0e69eb912656f37ea3b5f8109303

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Agent Statement CargoPro.exe

Resource

win7v20201028

snakekeylogger keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Agent Statement CargoPro.exe

Resource

win10v20201028

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Agent Statement CargoPro.exe
- Size
  
  576KB
- MD5
  
  b4bce8a85b776b3aadb064547eaff482
- SHA1
  
  87d05af272cef33d6bdd96acb3f2c6f34c5a1130
- SHA256
  
  a821247cfbed9095b7e7686eeca6572b9e506e080861c11c25be542f163a2500
- SHA512
  
  08c7dc539f9e435d597248b7b38af30c9df6b8e2e291ceb4fb969295f73ac64aa19a394cdc44dbd62bfc5d21cd7cd6a6806b0e69eb912656f37ea3b5f8109303
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy