snakekeylogger | bce9336c486cf912d6fe98bbe4c82cbdab98574a28b11f5d237b4b6d187ab89d | Triage

Submit
Reports

Overview

overview

Static

static

5

BCE9336C48...9D.exe

windows7-x64

BCE9336C48...9D.exe

windows10-2004-x64

Sharing

General

Target

BCE9336C486CF912D6FE98BBE4C82CBDAB98574A28B11F5D237B4B6D187AB89D
Size

1.1MB
Sample

250103-jqjckavmb1
MD5

2fa28ddeb5d518e0a415281442dba56f
SHA1

9aa45e8dab4ee64a6eacfcbed4c17e8e63ce710b
SHA256

bce9336c486cf912d6fe98bbe4c82cbdab98574a28b11f5d237b4b6d187ab89d
SHA512

10bb5f76278f38dc56778c5a0570efd6362e0459c467ac4e8b72ddea44f37bb68cc1192a65c8ef1b61155c73d6b33cb612ad4d0e1ab590a6dda19196ec255d7e
SSDEEP

24576:vAHnh+eWsN3skA4RV1Hom2KXMmHarugVLT5m6zL5:Sh+ZkldoPK8Yarug1TD

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

BCE9336C486CF912D6FE98BBE4C82CBDAB98574A28B11F5D237B4B6D187AB89D.exe

Resource

win7-20240903-en

snakekeylogger discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

BCE9336C486CF912D6FE98BBE4C82CBDAB98574A28B11F5D237B4B6D187AB89D.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  BCE9336C486CF912D6FE98BBE4C82CBDAB98574A28B11F5D237B4B6D187AB89D
- Size
  
  1.1MB
- MD5
  
  2fa28ddeb5d518e0a415281442dba56f
- SHA1
  
  9aa45e8dab4ee64a6eacfcbed4c17e8e63ce710b
- SHA256
  
  bce9336c486cf912d6fe98bbe4c82cbdab98574a28b11f5d237b4b6d187ab89d
- SHA512
  
  10bb5f76278f38dc56778c5a0570efd6362e0459c467ac4e8b72ddea44f37bb68cc1192a65c8ef1b61155c73d6b33cb612ad4d0e1ab590a6dda19196ec255d7e
- SSDEEP
  
  24576:vAHnh+eWsN3skA4RV1Hom2KXMmHarugVLT5m6zL5:Sh+ZkldoPK8Yarug1TD
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy