snakekeylogger | 366b5c903c465f954ea27c0e8e930d4e0e2e6df28ec4f1fd038632233c8fecbd | Triage

Submit
Reports

Overview

overview

Static

static

3

MT Sea Gul...rs.exe

windows10-1703-x64

Resubmissions

14/06/2024, 17:50

240614-wes4va1ajc 10

14/06/2024, 17:49

240614-weew8avajn 10

14/06/2024, 17:12

240614-vq8s1azaqc 10

13/06/2024, 15:58

240613-tej5tsvgpg 10

13/06/2024, 14:59

240613-sc3cysxglm 10

Sharing

Copy URL Twitter E-mail

General

Target

MT Sea Gull 9 Particulars.exe
Size

491KB
Sample

240614-weew8avajn
MD5

0451f8d2d0162106004e683ef1390d0a
SHA1

a1ecdc14ab607517fcca51a0be7b4ebfd33c6150
SHA256

366b5c903c465f954ea27c0e8e930d4e0e2e6df28ec4f1fd038632233c8fecbd
SHA512

7f1328d631b6a3ab639cbae66d06070793f2a4918700fd83e7b7d36b13c0acc402b05eeac91c7ad836206ecce26ef686e111cccad287b3bf76f63ccfcd757002
SSDEEP

12288:ttMyF3ltmBOVahfG3+CSQ9vkk93Ym4WWsGf:XM6ltmva+CSQCk93NWsq

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MT Sea Gull 9 Particulars.exe

Resource

win10-20240611-en

snakekeylogger keylogger stealer

windows10-1703-x64

7 signatures

60 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
valleycountysar.org
Port:
26
Username:
[email protected]
Password:
fY,FLoadtsiF

C2

http://103.130.147.85

Targets

- Target
  
  MT Sea Gull 9 Particulars.exe
- Size
  
  491KB
- MD5
  
  0451f8d2d0162106004e683ef1390d0a
- SHA1
  
  a1ecdc14ab607517fcca51a0be7b4ebfd33c6150
- SHA256
  
  366b5c903c465f954ea27c0e8e930d4e0e2e6df28ec4f1fd038632233c8fecbd
- SHA512
  
  7f1328d631b6a3ab639cbae66d06070793f2a4918700fd83e7b7d36b13c0acc402b05eeac91c7ad836206ecce26ef686e111cccad287b3bf76f63ccfcd757002
- SSDEEP
  
  12288:ttMyF3ltmBOVahfG3+CSQ9vkk93Ym4WWsGf:XM6ltmva+CSQCk93NWsq
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

© 2018-2025

Terms | Privacy