snakekeylogger | 373d671d67d3bbe40cdf157b738114a6940ff2cdaa569bd0056af27f63d58a71 | Triage

Submit
Reports

Overview

overview

Static

static

Payment Ad...03.exe

windows7_x64

Payment Ad...03.exe

windows10_x64

Sharing

General

Target

Payment Advice MT103.exe
Size

985KB
Sample

211208-sy76bsgah8
MD5

511fd1d71605cd767ec7451115334d12
SHA1

22146c2fcdc631ba123c5cdf9dcb0274d396e6c0
SHA256

373d671d67d3bbe40cdf157b738114a6940ff2cdaa569bd0056af27f63d58a71
SHA512

0f8cd0d5fc8968ad976379d38eee4ef535d0c759cac4b0933ad8e47f210482d27f8a12bd0d90c12cc2f427375265c39f4127757fb9cadae248cc98f1e9903fb8

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Payment Advice MT103.exe

Resource

win7-en-20211208

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment Advice MT103.exe

Resource

win10-en-20211208

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.agc.com.sa
Port:
587
Username:
vijayakumar.singh@agc.com.sa
Password:
admin@admin$$

Targets

- Target
  
  Payment Advice MT103.exe
- Size
  
  985KB
- MD5
  
  511fd1d71605cd767ec7451115334d12
- SHA1
  
  22146c2fcdc631ba123c5cdf9dcb0274d396e6c0
- SHA256
  
  373d671d67d3bbe40cdf157b738114a6940ff2cdaa569bd0056af27f63d58a71
- SHA512
  
  0f8cd0d5fc8968ad976379d38eee4ef535d0c759cac4b0933ad8e47f210482d27f8a12bd0d90c12cc2f427375265c39f4127757fb9cadae248cc98f1e9903fb8
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy