snakekeylogger | 94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318 | Triage

Submit
Reports

Overview

overview

Static

static

3

9422606420...18.exe

windows7-x64

9422606420...18.exe

windows10-2004-x64

Sharing

General

Target

94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318.exe
Size

1.4MB
Sample

241005-b1brgaxgqm
MD5

2841a5211dd5eee5bcc3c3048b5d00da
SHA1

a3de07870057a11804c108ca3848b7cf28adbf6b
SHA256

94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318
SHA512

9b5941df181ab041ca138239c7737624e4cfea5197c75bfc506e8eeedca583804e3da439fd5759fe32d450e5691e638e4400bf8be6a6788fc7e84a7eed0f538f
SSDEEP

24576:fueTHvQfTvBuYfkWBqhaHvc/OR9rJaSIUfdr2HWkwtG7pAa2StwY:fjTofT7BXFxa5

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318.exe

Resource

win7-20240903-en

snakekeylogger collection keylogger stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318.exe

Resource

win10v2004-20240802-en

snakekeylogger collection keylogger stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
gator3220.hostgator.com
Port:
587
Username:
[email protected]
Password:
Zg^!Zy[?IKrs99@soltan

Targets

- Target
  
  94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318.exe
- Size
  
  1.4MB
- MD5
  
  2841a5211dd5eee5bcc3c3048b5d00da
- SHA1
  
  a3de07870057a11804c108ca3848b7cf28adbf6b
- SHA256
  
  94226064206b06a63579726747ae6900e6b6335b03b4bb00baf6f9cb0cbb1318
- SHA512
  
  9b5941df181ab041ca138239c7737624e4cfea5197c75bfc506e8eeedca583804e3da439fd5759fe32d450e5691e638e4400bf8be6a6788fc7e84a7eed0f538f
- SSDEEP
  
  24576:fueTHvQfTvBuYfkWBqhaHvc/OR9rJaSIUfdr2HWkwtG7pAa2StwY:fjTofT7BXFxa5
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

behavioral2

snakekeyloggercollectionkeyloggerstealer

© 2018-2024

Terms | Privacy