snakekeylogger | 075ffe13d0993dfbda287d4f4755099971de8992123a68743aac073bc1a3772b | Triage

Submit
Reports

Overview

overview

Static

static

TRANSFER V...DF.exe

windows7_x64

3

TRANSFER V...DF.exe

windows10_x64

Sharing

General

Target

TRANSFER VOUCHER 202101202-PDF.exe
Size

354KB
Sample

211202-qpjehacac3
MD5

f9a7fd74efbe7b8f48517622db056a0e
SHA1

011ddf3fd1b85a9dffd335772edb388575635ba9
SHA256

075ffe13d0993dfbda287d4f4755099971de8992123a68743aac073bc1a3772b
SHA512

edb415400bbbffc4d731f97b2714e2e3a7441e3d9a1733cda4d147fa440713c8bc51991a8acc7a680381fe51434c14365e7793e8303855f7806678b936476cd3

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

TRANSFER VOUCHER 202101202-PDF.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

TRANSFER VOUCHER 202101202-PDF.exe

Resource

win10-en-20211104

snakekeylogger collection keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.alroman.com
Port:
587
Username:
customercare@alroman.com
Password:
abc@24638

Targets

- Target
  
  TRANSFER VOUCHER 202101202-PDF.exe
- Size
  
  354KB
- MD5
  
  f9a7fd74efbe7b8f48517622db056a0e
- SHA1
  
  011ddf3fd1b85a9dffd335772edb388575635ba9
- SHA256
  
  075ffe13d0993dfbda287d4f4755099971de8992123a68743aac073bc1a3772b
- SHA512
  
  edb415400bbbffc4d731f97b2714e2e3a7441e3d9a1733cda4d147fa440713c8bc51991a8acc7a680381fe51434c14365e7793e8303855f7806678b936476cd3
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy