snakekeylogger | 9b4bb65e2911db3bbd610b6e098ae4cb0b4aafec0a959609362e72bfe607f7f6 | Triage

Submit
Reports

Overview

overview

Static

static

3

4816d695d0...ce.exe

windows7-x64

4816d695d0...ce.exe

windows10-2004-x64

5

Sharing

General

Target

4816d695d08cdefc6a284fc67cd268ce
Size

673KB
Sample

231226-bh2vyagghl
MD5

4816d695d08cdefc6a284fc67cd268ce
SHA1

0cbbc8f5bb8ca25b510ca6262869b85dee2d6675
SHA256

9b4bb65e2911db3bbd610b6e098ae4cb0b4aafec0a959609362e72bfe607f7f6
SHA512

ab0d0985b888da3a4d9713bf64a17f27002307ae66a092211b18e14bc13fb2a734aac8a3237d3d33ec5e480c6ce12e4386b791d5618dff43a3af8c030837790b
SSDEEP

12288:q7k2iNb4sWlkNb0Q/hjFm0nUprCV6qoAddEu/NpRYU:Gk1ysWlkF/XSdGHjddEu/

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4816d695d08cdefc6a284fc67cd268ce.exe

Resource

win7-20231215-en

snakekeylogger keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

4816d695d08cdefc6a284fc67cd268ce.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.privateemail.com
Port:
587
Username:
[email protected]
Password:
*nGhj2BVAMZC!
Email To:
[email protected]

Targets

- Target
  
  4816d695d08cdefc6a284fc67cd268ce
- Size
  
  673KB
- MD5
  
  4816d695d08cdefc6a284fc67cd268ce
- SHA1
  
  0cbbc8f5bb8ca25b510ca6262869b85dee2d6675
- SHA256
  
  9b4bb65e2911db3bbd610b6e098ae4cb0b4aafec0a959609362e72bfe607f7f6
- SHA512
  
  ab0d0985b888da3a4d9713bf64a17f27002307ae66a092211b18e14bc13fb2a734aac8a3237d3d33ec5e480c6ce12e4386b791d5618dff43a3af8c030837790b
- SSDEEP
  
  12288:q7k2iNb4sWlkNb0Q/hjFm0nUprCV6qoAddEu/NpRYU:Gk1ysWlkF/XSdGHjddEu/
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy