snakekeylogger | e4455f40af3a1472cda3aae4358145f9cddd8376bc145a6ed7686f6e5a5f6599 | Triage

Submit
Reports

Overview

overview

Static

static

711a015ef7...92.exe

windows7-x64

711a015ef7...92.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

711a015ef79c1fa08927b6e72c826b92
Size

121KB
Sample

240124-b2k2jafbap
MD5

711a015ef79c1fa08927b6e72c826b92
SHA1

75cae45edb6ac10305eb21d6c20f50474546ccdd
SHA256

e4455f40af3a1472cda3aae4358145f9cddd8376bc145a6ed7686f6e5a5f6599
SHA512

3d9e2a775afa6f05ee9b9b9b1ec6f2ad19cd0cab168d80a19a50d23f97bcc6bdd16c37006160f0d31cf1c6fc5d39bd113f28e9d1fcf02a8e012e1b06c638d85c
SSDEEP

3072:FYOEiJFUor2L1iDJr98ZTrGwEabSxlwB5SH:/i1i9r9EKabpS

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

711a015ef79c1fa08927b6e72c826b92.exe

Resource

win7-20231129-en

snakekeylogger keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

711a015ef79c1fa08927b6e72c826b92.exe

Resource

win10v2004-20231222-en

snakekeylogger keylogger stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
webmail.patagoniachileadventures.com
Port:
25
Username:
[email protected]
Password:
12345
Email To:
[email protected]

Targets

- Target
  
  711a015ef79c1fa08927b6e72c826b92
- Size
  
  121KB
- MD5
  
  711a015ef79c1fa08927b6e72c826b92
- SHA1
  
  75cae45edb6ac10305eb21d6c20f50474546ccdd
- SHA256
  
  e4455f40af3a1472cda3aae4358145f9cddd8376bc145a6ed7686f6e5a5f6599
- SHA512
  
  3d9e2a775afa6f05ee9b9b9b1ec6f2ad19cd0cab168d80a19a50d23f97bcc6bdd16c37006160f0d31cf1c6fc5d39bd113f28e9d1fcf02a8e012e1b06c638d85c
- SSDEEP
  
  3072:FYOEiJFUor2L1iDJr98ZTrGwEabSxlwB5SH:/i1i9r9EKabpS
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2025

Terms | Privacy