Overview

overview

10

Static

static

3

8f11652e58...eb.exe

windows7-x64

10

8f11652e58...eb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f11652e58d9d7ae390cbb476120892e87dcfc4b15a24e8ead9a8f3120fdaaeb.exe

  • Size

    2.9MB

  • Sample

    241207-dhsclsykfl

  • MD5

    f0db130e6b63a94f3d3b33e43cbfbf55

  • SHA1

    198ff2e9a846f3e39d970dc20711fb758406b5cb

  • SHA256

    8f11652e58d9d7ae390cbb476120892e87dcfc4b15a24e8ead9a8f3120fdaaeb

  • SHA512

    f8fe4bf340960a7f3adc44d0d789d36430d56d71d36f68d34a792f8a44fd2f28e9c87b3bbd8551d5200c62f9ed204d3357008aecb4e8dd556d787b749fb3d3de

  • SSDEEP

    49152:dm4TovB6xQlMtR0mG6bGvO2kHlVqWP6tisEbX+aJMcTy:dIJfA5b6to+uTy

Score
10/10
snakekeyloggerkeyloggerstealer

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:     smtp
  • Host:
    gator3220.hostgator.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    empS#w!TZyEMPX(#ExgT38s

Targets

    • Target

      8f11652e58d9d7ae390cbb476120892e87dcfc4b15a24e8ead9a8f3120fdaaeb.exe

    • Size

      2.9MB

    • MD5

      f0db130e6b63a94f3d3b33e43cbfbf55

    • SHA1

      198ff2e9a846f3e39d970dc20711fb758406b5cb

    • SHA256

      8f11652e58d9d7ae390cbb476120892e87dcfc4b15a24e8ead9a8f3120fdaaeb

    • SHA512

      f8fe4bf340960a7f3adc44d0d789d36430d56d71d36f68d34a792f8a44fd2f28e9c87b3bbd8551d5200c62f9ed204d3357008aecb4e8dd556d787b749fb3d3de

    • SSDEEP

      49152:dm4TovB6xQlMtR0mG6bGvO2kHlVqWP6tisEbX+aJMcTy:dIJfA5b6to+uTy

    Score
    10/10
    snakekeyloggerkeyloggerstealer

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

      stealerkeyloggersnakekeylogger

    • Snake Keylogger payload

    • Snakekeylogger family

      snakekeylogger

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks