General

  • Target

    0x0014000000005591-57.dat

  • Size

    126KB

  • Sample

    220806-hza7wabhej

  • MD5

    d7ae412c7b211a55aab4d7c64dff870b

  • SHA1

    4b9a99d232afe69495afd82913090eeaba815fe4

  • SHA256

    025c3a4174f86308877f3e0545849acc881ccc82bafefb5d949169337568081c

  • SHA512

    ee557c31f76724040f888b901073fae5f6e74da5dd4cc3d71310f1bfaceef6e924c603b7eff0de18b0b30e8e3dca387a8b90659714cef3b328716b00a5022218

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot5410455012:AAE1SHAu8VAoPkLETxqziCFDZfyqp8DD7SA/sendMessage?chat_id=2008035906
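The C2 above is a Telegram Bot API endpoint: the path carries the bot ID and its secret token, and chat_id names the chat the stolen data is sent to, so the token itself is the operator's credential and should be redacted when the report is shared outside incident channels. The following is an added example, not part of the sandbox report, that parses such a URL into its parts and then hunts for Bot API exfiltration in proxy logs; PROXY_LOG is constructed, and the second bot token in it is invented for illustration.

```python
"""Parse the Telegram Bot API C2 extracted above and hunt for it in proxy logs.

Added example, not part of the sandbox report. PROXY_LOG is constructed; the
second bot token in it is invented for illustration.
"""
import re
from urllib.parse import parse_qs, urlparse

# C2 URL exactly as extracted from this sample's configuration.
C2_URL = ("https://api.telegram.org/bot5410455012:"
          "AAE1SHAu8VAoPkLETxqziCFDZfyqp8DD7SA/sendMessage?chat_id=2008035906")

# Bot API path layout: /bot<bot_id>:<token>/<method>
BOT_PATH = re.compile(
    r"^/bot(?P<bot_id>\d+):(?P<token>[A-Za-z0-9_-]{30,})/(?P<method>[A-Za-z]+)$")

# Methods a stealer uses to push text or files into the operator's chat.
EXFIL_METHODS = {"sendMessage", "sendDocument", "sendPhoto"}

# Constructed proxy line layout: <ts> <src> <verb> <url> "<user-agent>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) (?P<verb>\S+) (?P<url>\S+) "(?P<ua>[^"]*)"$')


def parse_telegram_c2(url):
    """Split a Bot API URL into bot_id, token, method and chat_id; None if it is not one."""
    u = urlparse(url)
    if u.scheme != "https" or u.hostname != "api.telegram.org":
        return None
    m = BOT_PATH.match(u.path)
    if not m:
        return None
    chat_id = parse_qs(u.query).get("chat_id", [None])[0]
    return {"bot_id": m["bot_id"], "token": m["token"],
            "method": m["method"], "chat_id": chat_id}


def redact_token(token):
    """Keep the ends of the token so reports can be correlated without republishing a usable credential."""
    return token[:4] + "..." + token[-2:]


def find_telegram_exfil(log_lines, known):
    """Return (ts, src, severity, bot_id) for each Bot API exfiltration call.

    high   - token and chat_id match this sample's extracted config
    medium - any other bot sending into a chat; official Telegram clients speak
             MTProto, not api.telegram.org/bot..., so on a workstation this is
             rarely benign (allow-list known automation bots before alerting)
    """
    hits = []
    for line in log_lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        cfg = parse_telegram_c2(m["url"])
        if cfg is None or cfg["method"] not in EXFIL_METHODS:
            continue
        exact = cfg["token"] == known["token"] and cfg["chat_id"] == known["chat_id"]
        hits.append((m["ts"], m["src"], "high" if exact else "medium", cfg["bot_id"]))
    return hits


# Constructed sample traffic: one host replaying this sample's config, one host
# using a different (invented) bot, and two benign lines. User agents are made up.
PROXY_LOG = [
    '2022-08-06T10:01:02Z 10.0.0.12 GET https://checkip.dyndns.org/ '
    '"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"',
    '2022-08-06T10:01:03Z 10.0.0.12 POST ' + C2_URL + ' '
    '"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"',
    '2022-08-06T10:05:00Z 10.0.0.33 POST https://api.telegram.org/bot1234567890:'
    'AAFfakeTokenForIllustrationOnly00000/sendDocument?chat_id=42 '
    '"Mozilla/5.0 (Windows NT 10.0; Win64; x64)"',
    '2022-08-06T10:06:00Z 10.0.0.40 GET https://web.telegram.org/k/ '
    '"Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/103.0"',
]

if __name__ == "__main__":
    cfg = parse_telegram_c2(C2_URL)
    print("bot", cfg["bot_id"], "token", redact_token(cfg["token"]), "chat", cfg["chat_id"])
    for hit in find_telegram_exfil(PROXY_LOG, cfg):
        print(*hit)
```

The exact-token match is the high-confidence indicator for this sample; the generic bot-API match is the one worth keeping after the token is rotated, since the operator can create a new bot in seconds but the exfiltration pattern stays the same.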

Targets

    • Target

      0x0014000000005591-57.dat

    • Size

      126KB

    • MD5

      d7ae412c7b211a55aab4d7c64dff870b

    • SHA1

      4b9a99d232afe69495afd82913090eeaba815fe4

    • SHA256

      025c3a4174f86308877f3e0545849acc881ccc82bafefb5d949169337568081c

    • SHA512

      ee557c31f76724040f888b901073fae5f6e74da5dd4cc3d71310f1bfaceef6e924c603b7eff0de18b0b30e8e3dca387a8b90659714cef3b328716b00a5022218

    • Snake Keylogger

      Snake Keylogger is a .NET keylogger and infostealer first seen in November 2020. It captures keystrokes, clipboard contents, screenshots and saved credentials, and exfiltrates them over SMTP, FTP or, as in this sample, a Telegram bot.

    • Snake Keylogger payload

    • Reads data files stored by FTP clients

      Tries to read FTP client configuration files such as FileZilla's sitemanager.xml and recentservers.xml, which store saved hosts, usernames and (base64-encoded, unless a master password is set) passwords.

    • Reads user/profile data of local email clients

      Email clients store account settings and often saved credentials on disk, which makes their profile directories a routine infostealer target.

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data such as saved logins, cookies and autofill entries.

    • Accesses Microsoft Outlook profiles

      Outlook keeps account settings in per-user registry profile keys; infostealers read them to recover configured mail accounts and any credentials stored alongside them.

    • Looks up external IP address via web service

      Queries a legitimate IP lookup web service to learn the infected system's external IP address, which is then included in the data reported to the operator.
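Taken together, the signatures above describe one process reading several unrelated credential stores and then looking up its public IP, which is a much stronger signal than any single read (a browser opening its own Login Data is normal; an unknown binary opening it next to FileZilla's and Thunderbird's files is not). The following is an added example, not part of the sandbox report, that correlates such events per process. EVENTS is constructed and modelled loosely on Sysmon file, registry and DNS telemetry; the artefact patterns are the usual locations of the stores the report names and are assumptions to be tuned per environment, and the process name in STEALER is made up.

```python
"""Correlate the stealer behaviours listed above into one per-process alert.

Added example, not part of the sandbox report. EVENTS is constructed and
modelled loosely on Sysmon file, registry and DNS telemetry; the artefact
patterns are the usual locations of the stores the report names and are
assumptions to be tuned per environment.
"""
import fnmatch
from collections import defaultdict

# Lower-cased glob patterns over the event target (file path, registry key or DNS name).
ARTEFACTS = {
    "ftp_client": [r"*\filezilla\sitemanager.xml", r"*\filezilla\recentservers.xml"],
    "email_client": [r"*\thunderbird\profiles\*"],
    "outlook_profile": [r"hkcu\software\microsoft\office\*\outlook\profiles\*"],
    "browser": [r"*\google\chrome\user data\*\login data",
                r"*\mozilla\firefox\profiles\*\logins.json",
                r"*\mozilla\firefox\profiles\*\key4.db"],
    "ip_lookup": ["checkip.dyndns.org", "api.ipify.org", "ip-api.com", "icanhazip.com"],
}

# The application that owns each store; its own reads are expected, not suspicious.
OWNERS = {
    "ftp_client": {"filezilla.exe"},
    "email_client": {"thunderbird.exe"},
    "outlook_profile": {"outlook.exe"},
    "browser": {"chrome.exe", "msedge.exe", "firefox.exe"},
    "ip_lookup": set(),
}
CREDENTIAL_STORES = {"ftp_client", "email_client", "outlook_profile", "browser"}


def classify(event):
    """Category of the store an event touches, or None (also None for the owner's own reads)."""
    target = event["target"].lower()
    image = event["image"].lower().rsplit("\\", 1)[-1]
    for cat, patterns in ARTEFACTS.items():
        if any(fnmatch.fnmatchcase(target, p) for p in patterns):
            return None if image in OWNERS[cat] else cat
    return None


def correlate(events):
    """Alert when one process reads two different credential stores, or one store
    plus an external IP lookup; a single touch of one category stays below threshold."""
    cats_by_pid = defaultdict(set)
    image_by_pid = {}
    for ev_ in events:
        cat = classify(ev_)
        if cat:
            cats_by_pid[ev_["pid"]].add(cat)
            image_by_pid[ev_["pid"]] = ev_["image"]
    alerts = []
    for pid, cats in cats_by_pid.items():
        stores = cats & CREDENTIAL_STORES
        if len(stores) >= 2 or (stores and "ip_lookup" in cats):
            alerts.append({"pid": pid, "image": image_by_pid[pid], "categories": sorted(cats)})
    return alerts


def ev(pid, image, kind, target):
    return {"pid": pid, "image": image, "type": kind, "target": target}


STEALER = r"C:\Users\alice\AppData\Roaming\winupd.exe"  # constructed name, not an IoC
APPDATA = r"C:\Users\alice\AppData"

# Constructed telemetry: the stealer process (pid 4120), then three benign processes.
EVENTS = [
    ev(4120, STEALER, "file_read", APPDATA + r"\Roaming\FileZilla\recentservers.xml"),
    ev(4120, STEALER, "file_read", APPDATA + r"\Local\Google\Chrome\User Data\Default\Login Data"),
    ev(4120, STEALER, "file_read",
       APPDATA + r"\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default-release\logins.json"),
    ev(4120, STEALER, "file_read", APPDATA + r"\Roaming\Thunderbird\Profiles\abc.default\logins.json"),
    ev(4120, STEALER, "reg_read", r"HKCU\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook"),
    ev(4120, STEALER, "dns", "checkip.dyndns.org"),
    ev(2200, r"C:\Program Files\FileZilla FTP Client\filezilla.exe", "file_read",
       APPDATA + r"\Roaming\FileZilla\sitemanager.xml"),
    ev(3300, r"C:\Program Files\Google\Chrome\Application\chrome.exe", "file_read",
       APPDATA + r"\Local\Google\Chrome\User Data\Default\Login Data"),
    ev(5000, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "dns", "api.ipify.org"),
]

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert["pid"], alert["image"], ", ".join(alert["categories"]))
```

The owner allow-list is what keeps this usable: without it every browser start trips the browser category. The IP-lookup category is deliberately not enough on its own, since scripts and legitimate tools query those services too; it only raises an alert in combination with a credential-store read by the same process.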

MITRE ATT&CK Enterprise v6

Tasks