snakekeylogger | 81c1043490096d6c818bf0eae1bfe8248d7f9b3b1217d4c769de6f29e321e635 | Triage

Submit
Reports

Overview

overview

Static

static

5

81C1043490...35.exe

windows7-x64

81C1043490...35.exe

windows10-2004-x64

Sharing

General

Target

81C1043490096D6C818BF0EAE1BFE8248D7F9B3B1217D4C769DE6F29E321E635
Size

1.2MB
Sample

250103-jpggksxper
MD5

51db45892803b947277b04005594f3aa
SHA1

0491c1300641db70661d790439b54a9d0276afd2
SHA256

81c1043490096d6c818bf0eae1bfe8248d7f9b3b1217d4c769de6f29e321e635
SHA512

ddbd2d93053c9127a997ebca834dea0eb9d1efb8c622a148460c9398df10d20189bcfa7ded8ad4d1d95ab7a0365b8f0c2c377480dff2a69aeecc0d19def1f8cc
SSDEEP

24576:LqDEvCTbMWu7rQYlBQcBiT6rprG8aOHyLz5ij5yZCh9Br:LTvC/MTQYxsWR7aOHgMkZCPB

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

81C1043490096D6C818BF0EAE1BFE8248D7F9B3B1217D4C769DE6F29E321E635.exe

Resource

win7-20240708-en

snakekeylogger discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

81C1043490096D6C818BF0EAE1BFE8248D7F9B3B1217D4C769DE6F29E321E635.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  81C1043490096D6C818BF0EAE1BFE8248D7F9B3B1217D4C769DE6F29E321E635
- Size
  
  1.2MB
- MD5
  
  51db45892803b947277b04005594f3aa
- SHA1
  
  0491c1300641db70661d790439b54a9d0276afd2
- SHA256
  
  81c1043490096d6c818bf0eae1bfe8248d7f9b3b1217d4c769de6f29e321e635
- SHA512
  
  ddbd2d93053c9127a997ebca834dea0eb9d1efb8c622a148460c9398df10d20189bcfa7ded8ad4d1d95ab7a0365b8f0c2c377480dff2a69aeecc0d19def1f8cc
- SSDEEP
  
  24576:LqDEvCTbMWu7rQYlBQcBiT6rprG8aOHyLz5ij5yZCh9Br:LTvC/MTQYxsWR7aOHgMkZCPB
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy