snakekeylogger | fd231e801904a830dff83d1820747640d913afe2d3cae55b30625cbf775f1ba3 | Triage

Submit
Reports

Overview

overview

Static

static

6eba0e7094...b4.exe

windows7_x64

3

6eba0e7094...b4.exe

windows10_x64

Sharing

General

Target

6eba0e7094858880964c58e41c552db4.exe
Size

49KB
Sample

211020-g53cwahfcr
MD5

6eba0e7094858880964c58e41c552db4
SHA1

24bcd038d9b29d3b6eec68966f7b71b167396ab5
SHA256

fd231e801904a830dff83d1820747640d913afe2d3cae55b30625cbf775f1ba3
SHA512

3aedf6562308f5317f07b0e1a17388aaafc9725b15034c998fe5768683e49017bc2c6be1cbea073ce37d843ecb9521700f196d893fadd7a6e4c4dc58a5b07079

Score

10^/10

snakekeylogger evasion keylogger stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

6eba0e7094858880964c58e41c552db4.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6eba0e7094858880964c58e41c552db4.exe

Resource

win10-en-20210920

snakekeylogger evasion keylogger stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.mupa.com.tr
Port:
587
Username:
[email protected]
Password:
963.Mm@

Targets

- Target
  
  6eba0e7094858880964c58e41c552db4.exe
- Size
  
  49KB
- MD5
  
  6eba0e7094858880964c58e41c552db4
- SHA1
  
  24bcd038d9b29d3b6eec68966f7b71b167396ab5
- SHA256
  
  fd231e801904a830dff83d1820747640d913afe2d3cae55b30625cbf775f1ba3
- SHA512
  
  3aedf6562308f5317f07b0e1a17388aaafc9725b15034c998fe5768683e49017bc2c6be1cbea073ce37d843ecb9521700f196d893fadd7a6e4c4dc58a5b07079
Score

10^/10

snakekeylogger evasion keylogger stealer trojan
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Turns off Windows Defender SpyNet reporting
  evasion
- Windows security bypass
  evasion trojan
- Nirsoft
- Executes dropped EXE
- Drops startup file
- Windows security modification
  evasion trojan
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

snakekeyloggerevasionkeyloggerstealertrojan

© 2018-2024

Terms | Privacy