snakekeylogger | e75e132f419523529e59356445a2f5bb1a031281344a85598ba5059e608f8549 | Triage

Submit
Reports

Overview

overview

Static

static

3

19aa66f2ca...3c.exe

windows7-x64

1

19aa66f2ca...3c.exe

windows10-2004-x64

Sharing

General

Target

19aa66f2ca96ec4579ee920e9ec1c73c
Size

433KB
Sample

231224-3gxy5sedg5
MD5

19aa66f2ca96ec4579ee920e9ec1c73c
SHA1

fca845bb38cbd038912a9150566a13f5af2f1d4e
SHA256

e75e132f419523529e59356445a2f5bb1a031281344a85598ba5059e608f8549
SHA512

a3e3e76e3198bccd60d1235c403e108fad8bf674b5cead354b2a0e2e0439a80c13b18065ca41cd674b62599f805a862ab1c704c9ee01f22219c12131cf385581
SSDEEP

6144:w09XrpG6Bcwqh3SB4Rb3DggpBMDPnGQ5njdynEqLl4p8dVRWuR4AY+SoKm6+hwou:wAdG6OE6YNDPlh43lFVRWuGAYqu

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

19aa66f2ca96ec4579ee920e9ec1c73c.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

19aa66f2ca96ec4579ee920e9ec1c73c.exe

Resource

win10v2004-20231215-en

snakekeylogger keylogger stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.sayimkalip.com
Port:
587
Username:
[email protected]
Password:
3edcvfr4**
Email To:
[email protected]

C2

https://api.telegram.org/bot1483662500:AAGrMuxJV05-It-ke-xXVV6-R6IAtETpJb0/sendMessage?chat_id=1300181783

Targets

- Target
  
  19aa66f2ca96ec4579ee920e9ec1c73c
- Size
  
  433KB
- MD5
  
  19aa66f2ca96ec4579ee920e9ec1c73c
- SHA1
  
  fca845bb38cbd038912a9150566a13f5af2f1d4e
- SHA256
  
  e75e132f419523529e59356445a2f5bb1a031281344a85598ba5059e608f8549
- SHA512
  
  a3e3e76e3198bccd60d1235c403e108fad8bf674b5cead354b2a0e2e0439a80c13b18065ca41cd674b62599f805a862ab1c704c9ee01f22219c12131cf385581
- SSDEEP
  
  6144:w09XrpG6Bcwqh3SB4Rb3DggpBMDPnGQ5njdynEqLl4p8dVRWuR4AY+SoKm6+hwou:wAdG6OE6YNDPlh43lFVRWuGAYqu
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy