snakekeylogger | 78a6dd64fa777ed37c0ffeae2cdda73789dfb56cd8552083e87dbf563f6039a8 | Triage

Submit
Reports

Overview

overview

Static

static

3

SecuriteIn...02.exe

windows7-x64

SecuriteIn...02.exe

windows10-2004-x64

Sharing

General

Target

SecuriteInfo.com.Win32.PWSX-gen.11199.8902.exe
Size

518KB
Sample

231204-ha7vjshe36
MD5

c39926da378faad0c950ea349890c989
SHA1

f904d0f53e30591a7064c6b2d0602e2831db3ee1
SHA256

78a6dd64fa777ed37c0ffeae2cdda73789dfb56cd8552083e87dbf563f6039a8
SHA512

df0b8ef8076b7cc0c53978601d04689d7df4474a5f96f3134ad058dc8faf10c65cc26f8ea25cfe8a06cc0ef7dc8cfab735e9aaef4b515fea976299b10df5d22c
SSDEEP

6144:MC245gVpoTWvYExGZXGRWYiDApqMP9nknrUuOuOtkUGamdJ5wVAWzLla2JXPyTbr:M145+po2dx03gpvAOuOtFmWzE2Y7ZF

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Win32.PWSX-gen.11199.8902.exe

Resource

win7-20231130-en

snakekeylogger keylogger stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Win32.PWSX-gen.11199.8902.exe

Resource

win10v2004-20231130-en

snakekeylogger keylogger stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Win32.PWSX-gen.11199.8902.exe
- Size
  
  518KB
- MD5
  
  c39926da378faad0c950ea349890c989
- SHA1
  
  f904d0f53e30591a7064c6b2d0602e2831db3ee1
- SHA256
  
  78a6dd64fa777ed37c0ffeae2cdda73789dfb56cd8552083e87dbf563f6039a8
- SHA512
  
  df0b8ef8076b7cc0c53978601d04689d7df4474a5f96f3134ad058dc8faf10c65cc26f8ea25cfe8a06cc0ef7dc8cfab735e9aaef4b515fea976299b10df5d22c
- SSDEEP
  
  6144:MC245gVpoTWvYExGZXGRWYiDApqMP9nknrUuOuOtkUGamdJ5wVAWzLla2JXPyTbr:M145+po2dx03gpvAOuOtFmWzE2Y7ZF
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy