General

  • Target

    29d1e4a1fe6ae886014cc4524641845f.exe

  • Size

    152KB

  • Sample

    230801-mr9gxsfc53

  • MD5

    29d1e4a1fe6ae886014cc4524641845f

  • SHA1

    ee0adb6b93f62e59239ea633148c00ed0a5adb42

  • SHA256

    3587ab3f5a463683ef5c0a08dfd722285dd148be0b6c7d674447f54c103b0f4e

  • SHA512

    53b56540543174bb87f873e5cacff48f755e2576727dc40e7aac0ddeb334bd8104ecb13ae0b958ea59f1f10e34ffa3d4b808102b992cde895fe828ad7d89c5f0

  • SSDEEP

    3072:abwmgba2KImq20dQ+ejE9bCN2wB1fnbY:Oaf7dQ+e2beDfb

Malware Config

Extracted

Family

snakekeylogger

Targets

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
