snakekeylogger | 21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c | Triage

Submit
Reports

Overview

overview

Static

static

7

21defeecdd...6c.exe

windows7-x64

21defeecdd...6c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c.exe
Size

670KB
Sample

240722-svzd1svand
MD5

f8be25a014b6d2c4ef534e685ec9a327
SHA1

391a5b2f1a5d669e9c0c0377dd5c0f0063123c6f
SHA256

21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c
SHA512

d9a33afb966eb9ad60a764b609e3164ee81bc84f1fadcb40a3bcd7b1f1c745dfc306e400b5ce5fd3f5ae63515872217478d50add287bd54c7e7eaba581567050
SSDEEP

12288:xYV6MorX7qzuC3QHO9FQVHPF51jgcEjBnmK0Sw06ogk2feu2yQcKr5ROdY:GBXu9HGaVHGrwiOfeuhQHOm

Score

10^/10

snakekeylogger collection keylogger stealer upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c.exe

Resource

win7-20240708-en

snakekeylogger collection keylogger stealer upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c.exe

Resource

win10v2004-20240709-en

snakekeylogger collection keylogger stealer upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot7479517689:AAFZXzeEulm16gwWbLqx5RMoTeKEfX7e5jQ/sendMessage?chat_id=7071568333

Targets

- Target
  
  21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c.exe
- Size
  
  670KB
- MD5
  
  f8be25a014b6d2c4ef534e685ec9a327
- SHA1
  
  391a5b2f1a5d669e9c0c0377dd5c0f0063123c6f
- SHA256
  
  21defeecddcd60f6dd2fb4efc93503f1ff759cf81dc3429d8cff40f9977b3d6c
- SHA512
  
  d9a33afb966eb9ad60a764b609e3164ee81bc84f1fadcb40a3bcd7b1f1c745dfc306e400b5ce5fd3f5ae63515872217478d50add287bd54c7e7eaba581567050
- SSDEEP
  
  12288:xYV6MorX7qzuC3QHO9FQVHPF51jgcEjBnmK0Sw06ogk2feu2yQcKr5ROdY:GBXu9HGaVHGrwiOfeuhQHOm
Score

10^/10

snakekeylogger collection keylogger stealer upx
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealerupx

behavioral2

snakekeyloggercollectionkeyloggerstealerupx

© 2018-2025

Terms | Privacy