snakekeylogger | 99f848659803768bf6e0312c21b7cc5ae368516d253adc2c6869e89403d34836 | Triage

Submit
Reports

Overview

overview

Static

static

DHL000271121_pdf.exe

windows7_x64

DHL000271121_pdf.exe

windows10_x64

Sharing

General

Target

DHL000271121_pdf.exe
Size

335KB
Sample

211128-jkt7waggak
MD5

0dbb08f269cdda59d9e0a5c3fa0c6f53
SHA1

7d04e579ee6388b33195cb3536e6d2d555225191
SHA256

99f848659803768bf6e0312c21b7cc5ae368516d253adc2c6869e89403d34836
SHA512

f21101aacad29b8374c61fa8b2db845bea2aaed325a08a0d41a0ec7f45d7d49a08b09babc2c11f43433cbc1e249b42e749779bc0b117d44b722a43845988dbb9

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

DHL000271121_pdf.exe

Resource

win7-en-20211104

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DHL000271121_pdf.exe

Resource

win10-en-20211104

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stlwtgroup.com
Port:
587
Username:
simon.ho@stlwtgroup.com
Password:
Simon97292457

Targets

- Target
  
  DHL000271121_pdf.exe
- Size
  
  335KB
- MD5
  
  0dbb08f269cdda59d9e0a5c3fa0c6f53
- SHA1
  
  7d04e579ee6388b33195cb3536e6d2d555225191
- SHA256
  
  99f848659803768bf6e0312c21b7cc5ae368516d253adc2c6869e89403d34836
- SHA512
  
  f21101aacad29b8374c61fa8b2db845bea2aaed325a08a0d41a0ec7f45d7d49a08b09babc2c11f43433cbc1e249b42e749779bc0b117d44b722a43845988dbb9
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy