snakekeylogger | 0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15 | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...15.exe

windows7-x64

JaffaCakes...15.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15
Size

152KB
Sample

241225-tpj8ksyjek
MD5

4ea4643af9057de3ce3a3c4ff4996720
SHA1

8d1c2e59a9cf142a96a7126f57c91cdac807a805
SHA256

0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15
SHA512

c434c17d58cbd0611c1383db38c187efe802b48e54464701c7142238dba9ebb6e4492ff5b39915388d84108d42fdf33432f1b793992e91b815620fb5df871453
SSDEEP

1536:izwm5lAQKEGAj+kqDBwYD+l7fQIsMb/6qJ4DpiOWBWfn0Kcl:izwmgRAjJqDBzD+l7tzbCG6wBWfnbY

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15.exe

Resource

win7-20240903-en

snakekeylogger discovery keylogger stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.stilltech.ro
Port:
587
Username:
[email protected]
Password:
eurobit555ro
Email To:
[email protected]

Targets

- Target
  
  JaffaCakes118_0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15
- Size
  
  152KB
- MD5
  
  4ea4643af9057de3ce3a3c4ff4996720
- SHA1
  
  8d1c2e59a9cf142a96a7126f57c91cdac807a805
- SHA256
  
  0170a07d6a246cf68c8539c2e457caf5b0b27fb7e618bb139f26c6538eb7be15
- SHA512
  
  c434c17d58cbd0611c1383db38c187efe802b48e54464701c7142238dba9ebb6e4492ff5b39915388d84108d42fdf33432f1b793992e91b815620fb5df871453
- SSDEEP
  
  1536:izwm5lAQKEGAj+kqDBwYD+l7fQIsMb/6qJ4DpiOWBWfn0Kcl:izwmgRAjJqDBzD+l7tzbCG6wBWfnbY
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2024

Terms | Privacy