snakekeylogger | 8900dcc6381458bd65b62db8c05181a467d41a5d7f5686cda696655973371920 | Triage

Submit
Reports

Overview

overview

Static

static

DHL-20211130-pdf.exe

windows7_x64

DHL-20211130-pdf.exe

windows10_x64

Sharing

General

Target

DHL-20211130-pdf.exe
Size

432KB
Sample

211129-v8ww6acecm
MD5

846c6958b91446fdf7984036de12312a
SHA1

982cada5dc8eab584b686d9bd86e7622531b0454
SHA256

8900dcc6381458bd65b62db8c05181a467d41a5d7f5686cda696655973371920
SHA512

05010da970297e22432685bbfd97737c73f65e3e1dbcdc10f8191718a8a890c0cf916102c32d53693c42298bcc5194fcc747ef6bd6b9dd34e1a184e5c26ba800

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

DHL-20211130-pdf.exe

Resource

win7-en-20211104

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DHL-20211130-pdf.exe

Resource

win10-en-20211014

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stlwtgroup.com
Port:
587
Username:
simon.ho@stlwtgroup.com
Password:
Simon97292457

Targets

- Target
  
  DHL-20211130-pdf.exe
- Size
  
  432KB
- MD5
  
  846c6958b91446fdf7984036de12312a
- SHA1
  
  982cada5dc8eab584b686d9bd86e7622531b0454
- SHA256
  
  8900dcc6381458bd65b62db8c05181a467d41a5d7f5686cda696655973371920
- SHA512
  
  05010da970297e22432685bbfd97737c73f65e3e1dbcdc10f8191718a8a890c0cf916102c32d53693c42298bcc5194fcc747ef6bd6b9dd34e1a184e5c26ba800
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy