snakekeylogger | 9c247a73a2b93a70b14c37b1dbf564f38db8bb9a0e7160de1971655a4e02950a | Triage

Submit
Reports

Overview

overview

Static

static

fatura.exe

windows7_x64

fatura.exe

windows10_x64

Sharing

General

Target

fatura.exe
Size

1.1MB
Sample

210727-j1z1kaxz8s
MD5

6a9d0ec45e52137abf05b546151dc664
SHA1

2ea215c3bac1316746fb0ddb9ad7be216a596220
SHA256

9c247a73a2b93a70b14c37b1dbf564f38db8bb9a0e7160de1971655a4e02950a
SHA512

4b0a78c6da7c010c81d36d1e9ae70b60059e1e19b589221329bb447d798db0b36015e07fe7c282fc0250b409845376dd8e1651725cd8783883084d9891de994e

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

fatura.exe

Resource

win7v20210408

snakekeylogger keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fatura.exe

Resource

win10v20210410

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.ergrafica.com.ar
Port:
587
Username:
trabajos@ergrafica.com.ar
Password:
25834931Cecilia

Targets

- Target
  
  fatura.exe
- Size
  
  1.1MB
- MD5
  
  6a9d0ec45e52137abf05b546151dc664
- SHA1
  
  2ea215c3bac1316746fb0ddb9ad7be216a596220
- SHA256
  
  9c247a73a2b93a70b14c37b1dbf564f38db8bb9a0e7160de1971655a4e02950a
- SHA512
  
  4b0a78c6da7c010c81d36d1e9ae70b60059e1e19b589221329bb447d798db0b36015e07fe7c282fc0250b409845376dd8e1651725cd8783883084d9891de994e
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy