snakekeylogger | 63b747c34c71ae08653978a800692893d7ae5be122ecbaf482f7b8cff6cf3c8c | Triage

Submit
Reports

Overview

overview

Static

static

Rogdfquub.exe

windows7_x64

Rogdfquub.exe

windows10-2004_x64

Sharing

General

Target

Rogdfquub.exe
Size

30KB
Sample

220704-wjcyescee3
MD5

23ba82c67551d397d13d018d93a32d06
SHA1

66cdf6745d666f1c09299262df3ebd3f014be20a
SHA256

63b747c34c71ae08653978a800692893d7ae5be122ecbaf482f7b8cff6cf3c8c
SHA512

b105f99db716291717df0b42675fc3a9bea63a8e1e494a92147e3bbcc1d7888a7d80a0f6f0e728893437d198d29d5ee365275663d158f2396b2bbd69bb3fa0d8

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Rogdfquub.exe

Resource

win7-20220414-en

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Rogdfquub.exe

Resource

win10v2004-20220414-en

snakekeylogger collection keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot1939897600:AAFkoPsh0GqeaOfexc3PJ91CjFvH6rmGT-M/sendMessage?chat_id=1715191138

Targets

- Target
  
  Rogdfquub.exe
- Size
  
  30KB
- MD5
  
  23ba82c67551d397d13d018d93a32d06
- SHA1
  
  66cdf6745d666f1c09299262df3ebd3f014be20a
- SHA256
  
  63b747c34c71ae08653978a800692893d7ae5be122ecbaf482f7b8cff6cf3c8c
- SHA512
  
  b105f99db716291717df0b42675fc3a9bea63a8e1e494a92147e3bbcc1d7888a7d80a0f6f0e728893437d198d29d5ee365275663d158f2396b2bbd69bb3fa0d8
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy