snakekeylogger | 143b430b2cf5363e24a62b531370f5b765ee78138f9e7fd98266724da353d29f | Triage

Submit
Reports

Overview

overview

Static

static

RFQ-YEKHA-20-0151.exe

windows7_x64

1

RFQ-YEKHA-20-0151.exe

windows10_x64

Sharing

General

Target

RFQ-YEKHA-20-0151.PDF.gz
Size

521KB
Sample

210621-zanb5f9kzn
MD5

b221af31a52fd1186f263317f04b96e4
SHA1

85015497923e8d33aef9f60730d9bd737aff1646
SHA256

143b430b2cf5363e24a62b531370f5b765ee78138f9e7fd98266724da353d29f
SHA512

9777b8de807ba71bc2635754fdd184f0ddd0e1675708c96aa05438f5d2032a4b16fe757954f83306e10c602210994f1624c97a8bf684d3102fe68fd247a437e1

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

RFQ-YEKHA-20-0151.exe

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ-YEKHA-20-0151.exe

Resource

win10v20210410

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
newoffice@myexodus1.com
Password:
gefqPU#Az8

Targets

- Target
  
  RFQ-YEKHA-20-0151.exe
- Size
  
  702KB
- MD5
  
  20ceb0cdf1f078b28671054c2863052c
- SHA1
  
  fc335d40a3fe8aceb4fbfd89c279b9b56a142556
- SHA256
  
  4223fc55e6b0fc32d0f55607395055db9023a5d6980dccad59f11aadf0179b86
- SHA512
  
  1639777ffadd90248a0735429fb3068a0dc5ad106520416104afaebfb2744950c96ee8918267041c6055a882b022ea15472f545e7333329124d2699e5847ec1a
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy