snakekeylogger | 40f64598ea5474156f785a9baf153e066c83cb52bb2caef41e001290d5b3c6b9 | Triage

Submit
Reports

Overview

overview

Static

static

3

CTM reques...df.exe

windows7-x64

CTM reques...df.exe

windows10-2004-x64

Sharing

General

Target

fd431c5a611bcd579ea5b6a5895ffbbf_JaffaCakes118
Size

840KB
Sample

240420-v47svsdg44
MD5

fd431c5a611bcd579ea5b6a5895ffbbf
SHA1

d25e0760b49c648208e9bea8be32c8b25130d765
SHA256

40f64598ea5474156f785a9baf153e066c83cb52bb2caef41e001290d5b3c6b9
SHA512

8cb6edee91ad2393788baf1d8cd929d2ca0522a025eb496c4801d35e23298f67cca36a200a380b9bf268db3227c44848b76c7566bd64ad36c7bc5f64e44fda3d
SSDEEP

24576:Qk/2zlK/rRsdMXqFZl9gmnSOA+8H6hmNHy:lKLFfEOqHTA

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

CTM request ETA 30 July 2021.pdf.exe

Resource

win7-20240221-en

snakekeylogger keylogger stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

CTM request ETA 30 July 2021.pdf.exe

Resource

win10v2004-20240226-en

snakekeylogger keylogger stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  CTM request ETA 30 July 2021.pdf.exe
- Size
  
  931KB
- MD5
  
  24bf9d46f46348a01a7a066376cab588
- SHA1
  
  90b0f98069cf5bc46a33d7d5cee7bf634249f700
- SHA256
  
  a3a2aeebad1531fd93c2ff210b9029f5511ebb07eb84f56bae98e8491101ba83
- SHA512
  
  e7f2ae84459f2458291215ff0e0002d2ece5b9a5f7dba6ccbe6621833d484545de116bc2f60da59c0b5033b49bf6a71cdf6ac063128c48321a5328f7fe28599f
- SSDEEP
  
  12288:AUmdXq+nKqUyaLQZMh3AQXhI5/d/mFU9KY4rusSmlLjgp7rV/eOHyLvkfwn3E6+6:NmAQ6++3W5/d/AusjLaHmvkI3E
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- CustAttr .NET packer
  Detects CustAttr .NET packer in memory.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy