snakekeylogger | de14f0684525fb1e88fd930b745955d6e7d007b664c9643fd6ef03568e234a4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SnakeKeylogger-main.zip
Size

17.0MB
Sample

230503-eajwyafd7t
MD5

826ad87b151b2ed4594781eef9c4e0fc
SHA1

5d0cedb6bd5e3394fcfa3c144ef2c202d7237a96
SHA256

de14f0684525fb1e88fd930b745955d6e7d007b664c9643fd6ef03568e234a4e
SHA512

0ee192fe7c6eacef465240867332c63595714ee6e9f67fdde02fc751a622059759556532dbeeecac01fc4f9f2a83dc8ef931f12e97200392f4613cef29fcd6eb
SSDEEP

393216:hMw+dG5WFfA2LucQ16cizFfA2LuWAlQ16ciDAW:QQWFxHzFZCHDz

Score

10^/10

snakekeylogger keylogger stealer

Malware Config

Targets

- Target
  
  SnakeKeylogger-main/Resources/Confuser_CLI
- Size
  
  30KB
- MD5
  
  a6f83da2bfe041d92ff79b9c238ed72e
- SHA1
  
  ac12c6e8973f0f64d1395523fdcfcd0d73856128
- SHA256
  
  0b997165e348b17658bef1e869881c37c79c2a9bb26e132ac4141eefd5912652
- SHA512
  
  9ce5c2825848d360a07c9555bd940ceaf9c598dbf55f99fa783bbc47ca55dc375f562f29dc94e767ccd0f94120e37be90ad055ea22d353c283b0d3992df36e84
- SSDEEP
  
  384:AtQiJWE1r0K0vYzZBgB1P5AkWFq7UQweltaJVuTlVKMwW7nj8VtDVth7WAl9MWod:biJWE1QzvYz/K1yXqYQ8VuAwbfVogxq
Score

3^/10
behavioral1 behavioral2
- Target
  
  SnakeKeylogger-main/Resources/KoiVM_Confuser
- Size
  
  50KB
- MD5
  
  ccbeb087b950ea7542a82b7e7ad3a5d8
- SHA1
  
  d80b0113cb710cc2fbb5d488df9d8f11a663185e
- SHA256
  
  de69f4a1721d1d2cd4b0e19360e6d3d2f847b2331a2058b3ca93734783eea837
- SHA512
  
  ebef47f55693b3917d70f8daa2d116f74af2c74571dbe8697ef7c304edbe00bbb9a2249d2fd336d14e65eb8a53d75483a21479a896fbecff77a5f062c81985e6
- SSDEEP
  
  1536:MVkjQkXEdj7n6Yh/qocGrO7KZKNZCzwk4ejv:MViQkXEFn6uO7K2Zawfejv
Score

1^/10
behavioral3 behavioral4
- Target
  
  SnakeKeylogger-main/Resources/Obfuscar_Console
- Size
  
  1.7MB
- MD5
  
  12d593dea2238aac4d421ed1a3cc5c0b
- SHA1
  
  54a9b205d770d83e1c33be9cc8f268f8105b4712
- SHA256
  
  a8018bc67c6429e0a876096a1a32203fd43cbad0dbe329a9d33ec5103a966783
- SHA512
  
  11b454258aca662cdc0fe802c081aace1fb7cb4a114c95a5b72c032e09153c46dd2df6fce19f9941a09bd0adb40447ad66b5bb2040852f7f9e808aa486c4d3d8
- SSDEEP
  
  24576:esNSJ/RJO4EG1XAXa5glyXF8xVBiHdoJ6hG10fqJrYQ9bobyErACZX+:nN34EG1nFCiQ9bozr+
Score

1^/10
behavioral5 behavioral6
- Target
  
  SnakeKeylogger-main/Resources/Res
- Size
  
  884KB
- MD5
  
  7b7cf5b69076735868df809824519545
- SHA1
  
  cce4bc945f053c094cbd986386a55f7acc6be5c1
- SHA256
  
  055562bb6c05d313fe87e973756c776b307e53a78e7336fa919668310e060e2d
- SHA512
  
  030240780632a900d97443eccf6fec6d61f187bf63de0cc1d042730954ab7846df536880e0caf86a968060e44f462c65a66fb5fff3e665e2e0cfbb6e6d10e879
- SSDEEP
  
  24576:j0ESdQpglO1CxDyawn27h+9hrlgKQY9SGcZwCdsp:j0RIglO1CuL9VNcaCdG
Score

1^/10
behavioral7 behavioral8
- Target
  
  SnakeKeylogger-main/bin/Debug/Snake Keylogger.exe
- Size
  
  6.0MB
- MD5
  
  f9960f5488085181b45238a827f471de
- SHA1
  
  0aeafc8d62db430da2d1899cb0b0bbc215762215
- SHA256
  
  3b6b10baa64d343487c73a1a8eed90216f0a4f8f7ed5712a6ed8bb9353a69dec
- SHA512
  
  e1819aac0da75331433c9ba3721706c0d3f16df4c6ceaa4d0a9a4e84ce1f9b0cb693ee3641d8ac5b723af8e055a9459c6b590032dbde2da646d8057c2b604188
- SSDEEP
  
  49152:RgkLFVus/0tGxAPbN34EG1nFCiQ9bozruSX0RIglO1CuL9VNcaCdGczKITh1fkx:Rjes0tGx7K6rt6MpChJ
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
behavioral10 behavioral9
- Target
  
  SnakeKeylogger-main/bin/Debug/Snake Keylogger.vshost.exe
- Size
  
  11KB
- MD5
  
  23f9d4cae5c1a90415f77e1e051b2a0f
- SHA1
  
  27352ba0e68025b60338372dd81a40d2b5b55f21
- SHA256
  
  fd4a5bcd7534758bc5d5266f46f68b42e204d620d779be902e83d849ffda3bfe
- SHA512
  
  dba02405c682617146d7691508694c026466d8bda58e176d07b898b1a1ed07aeaa5d34cce924245d585a7cf61c51491b2909e8fc4c75a165bcfe438a6729b1d9
- SSDEEP
  
  192:5MW1VW8A2xB1MWsVmWcQKPnEtObMacxc8hjXHUz1TrO6bZ7H:znIW0mWcLXci2jXHUB
Score

3^/10
behavioral11 behavioral12
- Target
  
  SnakeKeylogger-main/bin/Release/Snake Keylogger.exe
- Size
  
  6.0MB
- MD5
  
  7d9c8e2d6d6bf957a1ebda127c084652
- SHA1
  
  2ff3951d6b5113902fde10f484d31b8d35912baf
- SHA256
  
  fd6e3c0c6a443a9872a082f02955ca8cf7bc7f42752fdc0fe01622a5d35d07bf
- SHA512
  
  cda06d41880d1b23f086bfbec0fe19f3cd787b1fdd0e2d4a8f80747fb42b088ed7cbc456f8862b979b7c94b5f0ba313749797f998867fccf17482d947860c933
- SSDEEP
  
  49152:Hus/0tGxAPbN34EG1nFCiQ9bozruSX0RIglO1CuL9VNcaCdGczKITh1fk1gkLF:Os0tGx7K6rt6MpChJCj
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
behavioral13 behavioral14
- Target
  
  SnakeKeylogger-main/bin/Release/Snake Keylogger.vshost.exe
- Size
  
  11KB
- MD5
  
  23f9d4cae5c1a90415f77e1e051b2a0f
- SHA1
  
  27352ba0e68025b60338372dd81a40d2b5b55f21
- SHA256
  
  fd4a5bcd7534758bc5d5266f46f68b42e204d620d779be902e83d849ffda3bfe
- SHA512
  
  dba02405c682617146d7691508694c026466d8bda58e176d07b898b1a1ed07aeaa5d34cce924245d585a7cf61c51491b2909e8fc4c75a165bcfe438a6729b1d9
- SSDEEP
  
  192:5MW1VW8A2xB1MWsVmWcQKPnEtObMacxc8hjXHUz1TrO6bZ7H:znIW0mWcLXci2jXHUB
Score

3^/10
behavioral15 behavioral16
- Target
  
  SnakeKeylogger-main/obj/Debug/Snake Keylogger.exe
- Size
  
  6.0MB
- MD5
  
  f9960f5488085181b45238a827f471de
- SHA1
  
  0aeafc8d62db430da2d1899cb0b0bbc215762215
- SHA256
  
  3b6b10baa64d343487c73a1a8eed90216f0a4f8f7ed5712a6ed8bb9353a69dec
- SHA512
  
  e1819aac0da75331433c9ba3721706c0d3f16df4c6ceaa4d0a9a4e84ce1f9b0cb693ee3641d8ac5b723af8e055a9459c6b590032dbde2da646d8057c2b604188
- SSDEEP
  
  49152:RgkLFVus/0tGxAPbN34EG1nFCiQ9bozruSX0RIglO1CuL9VNcaCdGczKITh1fkx:Rjes0tGx7K6rt6MpChJ
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
behavioral17 behavioral18
- Target
  
  SnakeKeylogger-main/obj/Release/Snake Keylogger.exe
- Size
  
  6.0MB
- MD5
  
  7d9c8e2d6d6bf957a1ebda127c084652
- SHA1
  
  2ff3951d6b5113902fde10f484d31b8d35912baf
- SHA256
  
  fd6e3c0c6a443a9872a082f02955ca8cf7bc7f42752fdc0fe01622a5d35d07bf
- SHA512
  
  cda06d41880d1b23f086bfbec0fe19f3cd787b1fdd0e2d4a8f80747fb42b088ed7cbc456f8862b979b7c94b5f0ba313749797f998867fccf17482d947860c933
- SSDEEP
  
  49152:Hus/0tGxAPbN34EG1nFCiQ9bozruSX0RIglO1CuL9VNcaCdGczKITh1fk1gkLF:Os0tGx7K6rt6MpChJCj
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
behavioral19 behavioral20

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

snakekeyloggerkeyloggerstealer

behavioral10

snakekeyloggerkeyloggerstealer

behavioral11

behavioral12

behavioral13

snakekeyloggerkeyloggerstealer

behavioral14

snakekeyloggerkeyloggerstealer

behavioral15

behavioral16

behavioral17

snakekeyloggerkeyloggerstealer

behavioral18

snakekeyloggerkeyloggerstealer

behavioral19

snakekeyloggerkeyloggerstealer

behavioral20

snakekeyloggerkeyloggerstealer