snakekeylogger | c672ddcbe01265a48db1fc7263bcc79a3dae188a51a67ccdd10c41792544524f | Triage

Submit
Reports

Overview

overview

Static

static

New_Reques...MG.exe

windows7_x64

New_Reques...MG.exe

windows10_x64

Sharing

General

Target

New_Requests_5022781IMG.exe
Size

641KB
Sample

211018-cble2sdhbk
MD5

63f7a5ab58576fae2db4c1ef3e4de1bb
SHA1

59579ae0a2d86cbce11c7cd3ed38a8f3ce52419e
SHA256

c672ddcbe01265a48db1fc7263bcc79a3dae188a51a67ccdd10c41792544524f
SHA512

35a8e6ae07b27b412babbd82974168eb4cbdfbad5a18c76ba755ea61c89ab940a2bc365c4d32c7fd3fb110179d97fe3ba093f7a2bcfc7ad99c0ca71f906aeade

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

New_Requests_5022781IMG.exe

Resource

win7-en-20210920

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

New_Requests_5022781IMG.exe

Resource

win10-en-20211014

snakekeylogger collection keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
restd.xyz
Port:
587
Username:
[email protected]
Password:
gg@6{ZL65h,*

Targets

- Target
  
  New_Requests_5022781IMG.exe
- Size
  
  641KB
- MD5
  
  63f7a5ab58576fae2db4c1ef3e4de1bb
- SHA1
  
  59579ae0a2d86cbce11c7cd3ed38a8f3ce52419e
- SHA256
  
  c672ddcbe01265a48db1fc7263bcc79a3dae188a51a67ccdd10c41792544524f
- SHA512
  
  35a8e6ae07b27b412babbd82974168eb4cbdfbad5a18c76ba755ea61c89ab940a2bc365c4d32c7fd3fb110179d97fe3ba093f7a2bcfc7ad99c0ca71f906aeade
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy