snakekeylogger | 1397ab94adb5abfc8c9aa23d479468b612399ee953075e2eef30238d0f146d14 | Triage

Submit
Reports

Overview

overview

Static

static

3

fe24a322c4...59.exe

windows7-x64

fe24a322c4...59.exe

windows10-2004-x64

Sharing

General

Target

24af572a18b0c2490589745bc6466f3b.bin
Size

301KB
Sample

230817-bgyrwsef23
MD5

98a57567c6f013c9b3247bdfa47a08b1
SHA1

bd964e33445eb9a739b1b66b05fb89cc0bb379e1
SHA256

1397ab94adb5abfc8c9aa23d479468b612399ee953075e2eef30238d0f146d14
SHA512

372f005711f425e9ac60feaf5b3f81eeb06829095a31c0848a36402977fbc148000ee299b54fd1121abbef729c6c30c25ddebce9c031f823438c6251c546a2de
SSDEEP

6144:HIoGR2SQtuQ8NqT7IX1uZL2ZLSiUEj0IyXqOMIMDTDL5BSv4Q/csR3R:ooyquQmNXAZL2ZLMbMdpBFYJRh

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fe24a322c4104ce6fb8bc6b3460907471c999d6c1c87567648575034d3b67b59.exe

Resource

win7-20230712-en

snakekeylogger keylogger stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe24a322c4104ce6fb8bc6b3460907471c999d6c1c87567648575034d3b67b59.exe

Resource

win10v2004-20230703-en

snakekeylogger keylogger stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.rockglen.com
Port:
587
Username:
[email protected]
Password:
@123kmoney
Email To:
[email protected]

Targets

- Target
  
  fe24a322c4104ce6fb8bc6b3460907471c999d6c1c87567648575034d3b67b59.bin
- Size
  
  474KB
- MD5
  
  24af572a18b0c2490589745bc6466f3b
- SHA1
  
  8c6064519e2ad1578741244a8d28ceb82983fbf7
- SHA256
  
  fe24a322c4104ce6fb8bc6b3460907471c999d6c1c87567648575034d3b67b59
- SHA512
  
  211a636b9772cdc441d3ff03be01d06b3bdf046dd41a1055c2c144e0e9a96377724501736b41efd28726b50e67e2e999476363b811d74331bb20835369a802cc
- SSDEEP
  
  12288:Scv6ZS2MRXplCmrHLedAEXeRD4gbtVEpp1y:Scy42GXpwmrH6dAEX9bn1y
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2025

Terms | Privacy