General

  • Target

    3162982c3355757fb09a46661c92e2f1473d6d984ebfecd55ab282913b529dc0.exe

  • Size

    2.0MB

  • Sample

    241207-ctb94a1jax

  • MD5

    e19319d88a7f8e0dfbcd9928c4bff63b

  • SHA1

    2279085cce4783d8c8a62c0f43c34887f106caae

  • SHA256

    3162982c3355757fb09a46661c92e2f1473d6d984ebfecd55ab282913b529dc0

  • SHA512

    d3b8953498d95d8ef55f443695aec1eafcbaeef1cdea7cd4e4266f3102f8ff7d4a0986e22ece31af4ed90c1f16d21b84f720e4bb0f31e7ef8cc1da02bf213e87

  • SSDEEP

    49152:8p3MJ2uSQldwu9mbTLbSEWA+oUbSyZDTL:8pBuRSu9YSH9V3ZD

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    gator3220.hostgator.com
  • Port:
    587
  • Username:
    abbgets@qlststv.com
  • Password:
    ABBjy5ce)hyxmj99w
  • Email To:
    abbsend@qlststv.com

Targets

    • Target

      3162982c3355757fb09a46661c92e2f1473d6d984ebfecd55ab282913b529dc0.exe

    • Size

      2.0MB

    • MD5

      e19319d88a7f8e0dfbcd9928c4bff63b

    • SHA1

      2279085cce4783d8c8a62c0f43c34887f106caae

    • SHA256

      3162982c3355757fb09a46661c92e2f1473d6d984ebfecd55ab282913b529dc0

    • SHA512

      d3b8953498d95d8ef55f443695aec1eafcbaeef1cdea7cd4e4266f3102f8ff7d4a0986e22ece31af4ed90c1f16d21b84f720e4bb0f31e7ef8cc1da02bf213e87

    • SSDEEP

      49152:8p3MJ2uSQldwu9mbTLbSEWA+oUbSyZDTL:8pBuRSu9YSH9V3ZD

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • Snakekeylogger family

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks
