snakekeylogger | c8b0b44549b2387808bf6295d09012546c4e0ffa45b4dddae08cc95505e496d8 | Triage

Submit
Reports

Overview

overview

Static

static

3

Bank Details.exe

windows7-x64

Bank Details.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

JaffaCakes118_c8b0b44549b2387808bf6295d09012546c4e0ffa45b4dddae08cc95505e496d8
Size

754KB
Sample

241225-ak48ea1rgk
MD5

809de1c5c2f300354a73bef87205b06b
SHA1

442dda1b581997e0c0a68c938158c72dd0969cc6
SHA256

c8b0b44549b2387808bf6295d09012546c4e0ffa45b4dddae08cc95505e496d8
SHA512

4b754ae0a20ff2eb90ca7392ca87af684ccf0d98086a6035733b6bd776794ee5af3bdb7de8145b6e6699f42a4613e8023f323873bb24296b106fdaef743526c1
SSDEEP

12288:Ia0ZUYkv2b+zfkHCAL6MScFg8lvasEN2sjU9Qt/tbg6fzTpQArfZFmB0MUuZRRW+:IauBkZxcFgyisS2sjU9QptbDtQADyBUM

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Bank Details.exe

Resource

win7-20240729-en

snakekeylogger discovery keylogger stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

Bank Details.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stilltech.ro
Port:
587
Username:
[email protected]
Password:
eurobit555ro
Email To:
[email protected]

Targets

- Target
  
  Bank Details.bin
- Size
  
  834KB
- MD5
  
  0da53609ff3df8c563229822a3fe7390
- SHA1
  
  fa149a7ad19af7096d8f2717f00b9823ac3a5d08
- SHA256
  
  ed7516df6bc1f072f38ba9c14745ba8d815d3f411cd1852b485151c45f0f654f
- SHA512
  
  c943f32785116b25d1db8371327b9d4fa662bbcabf4791df1f95b35f49da7f9b7c9976c04427a6900f26f6912371a7c9e37b6445489e85df3cef9e2c64a342ba
- SSDEEP
  
  12288:Nf19ZqeG3o9N1S9Yh4+3e+M7tDdg5Oc+/y6J24Opy/XRFKx:Nf19Uef1S9Yh4lT7t2OcLgvR
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy