snakekeylogger | 96b12d371375868fc87d73454805ea2db22f27d46424808c9c3a2cd8fba03296 | Triage

Submit
Reports

Overview

overview

Static

static

Ecol Sp RF...13.exe

windows10_x64

Sharing

General

Target

Ecol Sp RFQ.122113.gz
Size

606KB
Sample

210611-l8wvqsr12a
MD5

9ccb9d6bb146704c793ec0d36787d8d6
SHA1

bc16362c681288f93bf5c481fc3e7890e3737e19
SHA256

96b12d371375868fc87d73454805ea2db22f27d46424808c9c3a2cd8fba03296
SHA512

27b9117969eec77f3bdfdc01c9d1c9f09d3e5859dce7e8d096cc84643290de22b2c9a240d0462bda7b6d69fb04244d1dc8ee51e40b65c1554f503d4f2e8f369c

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Ecol Sp RFQ.122113.exe

Resource

win10v20210408

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot1841252439:AAFeBNk12wAgfxXFXtqpw50JT4iCgTc-FsM/sendMessage?chat_id=-487183096

Targets

- Target
  
  Ecol Sp RFQ.122113.exe
- Size
  
  836KB
- MD5
  
  9a2225e1b9acd802016c1d880528de49
- SHA1
  
  0e9b0abd02fd0c321ddbd6b3140c7c3cf0fa1d9d
- SHA256
  
  38b556205aa56d97e3e6e2702bd4822b489403e3903132493893e5aced988b83
- SHA512
  
  424029d7bcd9276a7b1c920f80feda282a53f61f75bc665c5b388c5cc8b2a148489bbf1ef67dedd635c3999284145899d725188b54cff792edfbf173859395ae
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy