snakekeylogger | 57e7f91be19a8356a1021663353af9d2cc072b7c0137a41641c3c03321e9ef50 | Triage

Submit
Reports

Overview

overview

Static

static

3

812108284b...ef.exe

windows7-x64

812108284b...ef.exe

windows10-2004-x64

Sharing

General

Target

57e7f91be19a8356a1021663353af9d2cc072b7c0137a41641c3c03321e9ef50
Size

563KB
Sample

240417-rk1cwsbd83
MD5

d420c780783b80238927a88b9bf8698f
SHA1

f19f8afe1f84e90e8a6dc31f2980891b26e2ecd0
SHA256

57e7f91be19a8356a1021663353af9d2cc072b7c0137a41641c3c03321e9ef50
SHA512

87efa978e3b5d4e56b7fc3437b76a696ea6d317dff7f5da31585845447c4eb9a815b9aac4ae521601b76bec843c39367bcc8a05fbfb8c9494d4fb004def4a4a2
SSDEEP

12288:noQ4GbyXBDkMcX5Zbhy8v45pBPylPFA8SFBhZ+U+hZVt5:nNlIyMcpRXA5pBAPm1bg

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

812108284bc6345fe8831d13d26d68073af1b82d39b3a67ff9310528ca7c59ef.exe

Resource

win7-20240221-en

snakekeylogger keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

812108284bc6345fe8831d13d26d68073af1b82d39b3a67ff9310528ca7c59ef.exe

Resource

win10v2004-20240412-en

snakekeylogger keylogger stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
viajescoriatours.com
Port:
587
Username:
[email protected]
Password:
170717FteoS%
Email To:
[email protected]

C2

http://varders.kozow.com:8081

http://aborters.duckdns.org:8081

http://anotherarmy.dns.army:8081

Targets

- Target
  
  812108284bc6345fe8831d13d26d68073af1b82d39b3a67ff9310528ca7c59ef.exe
- Size
  
  820KB
- MD5
  
  9967ee5fb6a3fa6a232e99953e9c10ae
- SHA1
  
  eadefb78c0d088f86e211957a1d144f619f6f163
- SHA256
  
  812108284bc6345fe8831d13d26d68073af1b82d39b3a67ff9310528ca7c59ef
- SHA512
  
  f4fb4debdcfe397af5a5a17da50821c5258f50edbaf792e72a476bf0cd2bc833ba3f28426e84f839c6f052d61190b7318bd21ca9a5e11e28a2dfc79e30111e05
- SSDEEP
  
  12288:ZxeU8cjHn+GcTJOGOMDDDL3oRfMhYKCUo8riafbdIGuXOGS01DM:qauVZSAaUo8riaTd4+GSe
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy