snakekeylogger | 23b482ed9007975bea94a8e5847a5cc2ed3e1c628cb33aec704110795448f1c8 | Triage

Submit
Reports

Overview

overview

Static

static

INVOICE -P...DF.exe

windows7_x64

3

INVOICE -P...DF.exe

windows10_x64

Sharing

General

Target

INVOICE -PAYMENT PROCESS-PDF.exe
Size

491KB
Sample

211201-psxwmacaek
MD5

9ca3be9c6a23b1ebb37bece4d523ab7d
SHA1

bea611ab0c951eee30992af46c98cef98f52ed73
SHA256

23b482ed9007975bea94a8e5847a5cc2ed3e1c628cb33aec704110795448f1c8
SHA512

4790bb40f74d10f749690adf7d961e7cb69e14a4f93ccd57272367f652ad3521894ec422a50626197250f9f4b0b402330983e6282c77c760789b9436383865d5

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

INVOICE -PAYMENT PROCESS-PDF.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

INVOICE -PAYMENT PROCESS-PDF.exe

Resource

win10-en-20211104

snakekeylogger collection keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.alroman.com
Port:
587
Username:
customercare@alroman.com
Password:
abc@24638

Targets

- Target
  
  INVOICE -PAYMENT PROCESS-PDF.exe
- Size
  
  491KB
- MD5
  
  9ca3be9c6a23b1ebb37bece4d523ab7d
- SHA1
  
  bea611ab0c951eee30992af46c98cef98f52ed73
- SHA256
  
  23b482ed9007975bea94a8e5847a5cc2ed3e1c628cb33aec704110795448f1c8
- SHA512
  
  4790bb40f74d10f749690adf7d961e7cb69e14a4f93ccd57272367f652ad3521894ec422a50626197250f9f4b0b402330983e6282c77c760789b9436383865d5
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy