snakekeylogger | d52949c39dbdaf1d48526844bfe91a93cf718bb23c2f3c5e640189ec73b7d409 | Triage

Submit
Reports

Overview

overview

Static

static

3

87ef7f0e2a...98.exe

windows7-x64

87ef7f0e2a...98.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_d52949c39dbdaf1d48526844bfe91a93cf718bb23c2f3c5e640189ec73b7d409
Size

302KB
Sample

241222-hk93naxret
MD5

a0e16ac2f0e5346465db6dc505f9abd8
SHA1

69ef2c83385ee7563d4d900c3c7e7ebfea83af6b
SHA256

d52949c39dbdaf1d48526844bfe91a93cf718bb23c2f3c5e640189ec73b7d409
SHA512

70c78c009b1a7ad54e6992609ad791a359801ecaaa6655f280bba69cda6a2cd932b2037b3127c06a08afe95564a212c30a7923b4199b4bfbade7312f20b48d2d
SSDEEP

6144:FsbbcbPPLYrlhE2AWhrlgPKIzjfe6EIfVSI7fHnZJkur1:FCcDLUlhHrlgPVf9fVX7fHZJHr1

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

87ef7f0e2a5aae0d95289f867c9b4e8e784c945fc8eecaf6af8f12fa34031a98.exe

Resource

win7-20241010-en

snakekeylogger discovery keylogger stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

87ef7f0e2a5aae0d95289f867c9b4e8e784c945fc8eecaf6af8f12fa34031a98.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
smtp.ionos.es
Port:
587
Username:
[email protected]
Password:
barkoner
Email To:
[email protected]

Targets

- Target
  
  87ef7f0e2a5aae0d95289f867c9b4e8e784c945fc8eecaf6af8f12fa34031a98
- Size
  
  539KB
- MD5
  
  4e3c2afdec28174ff80a76868e151ac7
- SHA1
  
  8772ebb95b148011df1334d6d6b906e67d8a8d2f
- SHA256
  
  87ef7f0e2a5aae0d95289f867c9b4e8e784c945fc8eecaf6af8f12fa34031a98
- SHA512
  
  892c73fceb4117a873de54eb6300030664fffb61e2bf3e3b39c3644d1387f7993ef3945cd06566e88fd9950e8d23f9dd3deec5e017cc3f02b88d9f0e309726bd
- SSDEEP
  
  6144:kK385DCmYzU1MYICxnVjvBWP45yeq5Jq0VCzfOXWwBI5S3K4YLgs9nG:kl5DCmYz/YPxZvBJTzzGXtBI5Z4Y8e
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2024

Terms | Privacy