snakekeylogger | 8ae4f4878dff4e9af925165ac386f005efddaa49729482153f3ac945a83798c7 | Triage

Submit
Reports

Overview

overview

Static

static

Document.exe

windows7_x64

Document.exe

windows10-2004_x64

Sharing

General

Target

Document.exe
Size

573KB
Sample

220706-g52fksbfb2
MD5

fa655ab3e42d445235099a3f3f3ff365
SHA1

489c12bc962e703607456fb7c44be799ef3d9595
SHA256

8ae4f4878dff4e9af925165ac386f005efddaa49729482153f3ac945a83798c7
SHA512

1522b4f005ee8d638ad67ad8c041aec275199dbe97de9ad73e6660ed8e10b664fcaa41322d99a6a941fc97101e4b2b430b262683539c686a20fc71b737d2a4cb

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Document.exe

Resource

win7-20220414-en

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Document.exe

Resource

win10v2004-20220414-en

snakekeylogger collection keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.universaleagles-ye.com
Port:
587
Username:
kahtan@universaleagles-ye.com
Password:
UEss@@202122
Email To:
powerofworkissure@gmail.com

Targets

- Target
  
  Document.exe
- Size
  
  573KB
- MD5
  
  fa655ab3e42d445235099a3f3f3ff365
- SHA1
  
  489c12bc962e703607456fb7c44be799ef3d9595
- SHA256
  
  8ae4f4878dff4e9af925165ac386f005efddaa49729482153f3ac945a83798c7
- SHA512
  
  1522b4f005ee8d638ad67ad8c041aec275199dbe97de9ad73e6660ed8e10b664fcaa41322d99a6a941fc97101e4b2b430b262683539c686a20fc71b737d2a4cb
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy