snakekeylogger | 47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7 | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...a7.exe

windows7-x64

JaffaCakes...a7.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7
Size

152KB
Sample

241229-mpejrszjhw
MD5

600bd1d81531bfa1a60715cd3964cb2c
SHA1

72515082b6e9f2491fbeef983a1f48ee9e0d24c7
SHA256

47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7
SHA512

e9a241df99f76e3f85309fafee22829fa15ede2f868af31ef0575d9bec47faa37ca282a25c1685923fe5baac3b617775850ffa456066a565f85828cc7d08750f
SSDEEP

3072:iroWvZmMgml7BUn2G33NMbCuRF3wBWHnbY:ev9S2G3qbVHb

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7.exe

Resource

win7-20240903-en

snakekeylogger discovery keylogger stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.mekomyapi.com
Port:
587
Username:
[email protected]
Password:
342201
Email To:
[email protected]

Targets

- Target
  
  JaffaCakes118_47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7
- Size
  
  152KB
- MD5
  
  600bd1d81531bfa1a60715cd3964cb2c
- SHA1
  
  72515082b6e9f2491fbeef983a1f48ee9e0d24c7
- SHA256
  
  47266d3b56ea83e115d0c7f187707f420100fec70531685257c1c71820cd0fa7
- SHA512
  
  e9a241df99f76e3f85309fafee22829fa15ede2f868af31ef0575d9bec47faa37ca282a25c1685923fe5baac3b617775850ffa456066a565f85828cc7d08750f
- SSDEEP
  
  3072:iroWvZmMgml7BUn2G33NMbCuRF3wBWHnbY:ev9S2G3qbVHb
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2024

Terms | Privacy