snakekeylogger | 1bbe67e38e82cecfa2da8e8c5d1df93f37f92cd1d005a57169e9379d158df3bf | Triage

Submit
Reports

Overview

overview

Static

static

15f584b905...57.exe

windows7_x64

15f584b905...57.exe

windows10-2004_x64

Sharing

General

Target

15f584b9057bb908c7db7bd68070b157.exe
Size

471KB
Sample

220706-ta2t3seebl
MD5

15f584b9057bb908c7db7bd68070b157
SHA1

d0f87e7db1caf891713cb9aa47f02795620a6576
SHA256

1bbe67e38e82cecfa2da8e8c5d1df93f37f92cd1d005a57169e9379d158df3bf
SHA512

a5384b4569334777fb08d862071d793ffe538560e8c631d229184ec95157156fdcd826110655f50704e363fbe365104c7f282e9f19c8b34545bcdd0ea9f8f61b

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

15f584b9057bb908c7db7bd68070b157.exe

Resource

win7-20220414-en

snakekeylogger collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

15f584b9057bb908c7db7bd68070b157.exe

Resource

win10v2004-20220414-en

snakekeylogger collection keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stilltech.ro
Port:
587
Username:
office@stilltech.ro
Password:
eurobit555ro
Email To:
princenewman1111@gmail.com

Targets

- Target
  
  15f584b9057bb908c7db7bd68070b157.exe
- Size
  
  471KB
- MD5
  
  15f584b9057bb908c7db7bd68070b157
- SHA1
  
  d0f87e7db1caf891713cb9aa47f02795620a6576
- SHA256
  
  1bbe67e38e82cecfa2da8e8c5d1df93f37f92cd1d005a57169e9379d158df3bf
- SHA512
  
  a5384b4569334777fb08d862071d793ffe538560e8c631d229184ec95157156fdcd826110655f50704e363fbe365104c7f282e9f19c8b34545bcdd0ea9f8f61b
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy