snakekeylogger | df1ea458ba38091e5f1739ed561cf1424a0b25673405f29276db3a5aa03f9187 | Triage

Submit
Reports

Overview

overview

Static

static

Remittance...DF.exe

windows7_x64

Remittance...DF.exe

windows10-2004_x64

Sharing

General

Target

Remittance copy.PDF.exe
Size

474KB
Sample

220704-jcdj6ahdg7
MD5

47dec80e1814ef478f35b9ba5036c61b
SHA1

993be681841345715d36ce0253c3db6aa37256d9
SHA256

df1ea458ba38091e5f1739ed561cf1424a0b25673405f29276db3a5aa03f9187
SHA512

0cd79fd1ccc1e9b1787ab366ac940c257c280405c79084c258c157c693feb76debeaa7a0bf2b6297eb87a69df9f570d3122d2afa1d99368b1530db54e3702cc8

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Remittance copy.PDF.exe

Resource

win7-20220414-en

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Remittance copy.PDF.exe

Resource

win10v2004-20220414-en

snakekeylogger collection keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stilltech.ro
Port:
587
Username:
office@stilltech.ro
Password:
eurobit555ro
Email To:
princenewman1111@gmail.com

Targets

- Target
  
  Remittance copy.PDF.exe
- Size
  
  474KB
- MD5
  
  47dec80e1814ef478f35b9ba5036c61b
- SHA1
  
  993be681841345715d36ce0253c3db6aa37256d9
- SHA256
  
  df1ea458ba38091e5f1739ed561cf1424a0b25673405f29276db3a5aa03f9187
- SHA512
  
  0cd79fd1ccc1e9b1787ab366ac940c257c280405c79084c258c157c693feb76debeaa7a0bf2b6297eb87a69df9f570d3122d2afa1d99368b1530db54e3702cc8
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy