snakekeylogger | 8d112382b7f4f02f89697b7a14e7ece8efabd3da0904c8022240234c879d6d99 | Triage

Submit
Reports

Overview

overview

Static

static

3

AWB 1311072431.exe

windows7-x64

AWB 1311072431.exe

windows10-2004-x64

Sharing

General

Target

AWB 1311072431.Img.ace
Size

570KB
Sample

240723-nkz6catblg
MD5

74426539df6ed5d3d17120764bf0a080
SHA1

900053a8f7e16112f9973f8d7e6c7f499a41ffd0
SHA256

8d112382b7f4f02f89697b7a14e7ece8efabd3da0904c8022240234c879d6d99
SHA512

48769c52baa96ac8df4ca685a7dab0290c47a4be519fb3cd04ab18e971b214aeab187b1f36276b671562943e3e1b577cd9ac2527ee1faa8799f199f953a2f0a0
SSDEEP

12288:DSjlWWug3QuTM682dlUTIj5+c2xX36xkTGLiElxEPImx:DSxlug3rBQTIj5+ceaxSGnWd

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

AWB 1311072431.exe

Resource

win7-20240708-en

snakekeylogger keylogger stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

AWB 1311072431.exe

Resource

win10v2004-20240709-en

snakekeylogger keylogger stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
smtp.innovativeenqg.co.in
Port:
25
Username:
[email protected]
Password:
%OTz$v%9
Email To:
[email protected]

Targets

- Target
  
  AWB 1311072431.exe
- Size
  
  595KB
- MD5
  
  e88f6d971224d6404d0112b74fcb7591
- SHA1
  
  5a24fb72a1c4072f60bb11f58c2a1c65e25c6d9d
- SHA256
  
  e166bffdc266ce0a49b5bf35f3932696892d5dd1a6aecc5b805c95523f13b219
- SHA512
  
  8ee660a62e6be76bdf79039c808e994b8001ebad69c84a8b57c4730321038805eb72603ba4bad1b653fbf4fe027ba284ef4547dee6a2d98b41b72117868a9092
- SSDEEP
  
  12288:6BXlmEOvkROhYI28EYr+seD48DoklCpR17M6pX1aD1jgp:6qEGo8ER48DoXn1bs
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2025

Terms | Privacy