snakekeylogger | ed8a2741526c390d94d57de34aad4e3d533ab02beb98f6dfe428c281ec37d279 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

General

Target

ed8a2741526c390d94d57de34aad4e3d533ab02beb98f6dfe428c281ec37d279
Size

768KB
Sample

230323-sk54tage53
MD5

b937cfc610976f5aed6dfd7aba0763c7
SHA1

0df6374148b77143dde73e89ac0cfc485a7a2922
SHA256

ed8a2741526c390d94d57de34aad4e3d533ab02beb98f6dfe428c281ec37d279
SHA512

c1faae3d490898a9b549aeedc71e71a4217422b09a77ba727cda41faec41f50ff8d073abe73e086dcfa267cac6b2467b7324a625f3a1b5cc1d4dec8737f24985
SSDEEP

12288:S7ZwdNNAUmugqIkPLtxj4iO4zqSmuQ2Nm1ndbs9a7frhB3mGjPzXRbrQyQpytTfB:WZGNKUPlIELb4bETQAYboa7DvXRPvfA8

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

ed8a2741526c390d94d57de34aad4e3d533ab02beb98f6dfe428c281ec37d279.exe

Resource

win10-20230220-en

snakekeylogger keylogger stealer

windows10-1703-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
cp5ua.hyperhost.ua
Port:
587
Username:
[email protected]
Password:
7213575aceACE@#$
Email To:
[email protected]

Targets

- Target
  
  ed8a2741526c390d94d57de34aad4e3d533ab02beb98f6dfe428c281ec37d279
- Size
  
  768KB
- MD5
  
  b937cfc610976f5aed6dfd7aba0763c7
- SHA1
  
  0df6374148b77143dde73e89ac0cfc485a7a2922
- SHA256
  
  ed8a2741526c390d94d57de34aad4e3d533ab02beb98f6dfe428c281ec37d279
- SHA512
  
  c1faae3d490898a9b549aeedc71e71a4217422b09a77ba727cda41faec41f50ff8d073abe73e086dcfa267cac6b2467b7324a625f3a1b5cc1d4dec8737f24985
- SSDEEP
  
  12288:S7ZwdNNAUmugqIkPLtxj4iO4zqSmuQ2Nm1ndbs9a7frhB3mGjPzXRbrQyQpytTfB:WZGNKUPlIELb4bETQAYboa7DvXRPvfA8
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

© 2018-2025

Terms | Privacy