snakekeylogger | 88ec98143583ec8e9c2ab137463322ce04bfb1a03f112fe1fb0d09ad502a1429

General

Target

88ec98143583ec8e9c2ab137463322ce04bfb1a03f112fe1fb0d09ad502a1429.exe
Size

131KB
Sample

250110-r1clrszjhm
MD5

0a6d497237dc22f74fa9eb514ef6aef1
SHA1

99ced63b28ed88283f8b293d1a4804acb22cf01c
SHA256

88ec98143583ec8e9c2ab137463322ce04bfb1a03f112fe1fb0d09ad502a1429
SHA512

4764ea38a57f5617ef748bc52cb9c6a0aa8c435dfd6dfdec993ecf113d3bd1e413b95c49b94424e5eb9256f525328746a894f8322ca8a4a3817a6c6a1243c6c3
SSDEEP

3072:y99yINAgKjV545jbvk5Hbe7fMuJN07TBqKj+EmfJ9K4b5bPmmmWMIwvcXvQgbY:1INAgKjV5Cjbvk5Hbe7fMuJN07T49K49

Score

10^/10

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot7692220058:AAEny12fSzuKXI7iNJaESECu5UR80nmwLAQ/sendMessage?chat_id=7342994424

Targets

- Target
  
  88ec98143583ec8e9c2ab137463322ce04bfb1a03f112fe1fb0d09ad502a1429.exe
- Size
  
  131KB
- MD5
  
  0a6d497237dc22f74fa9eb514ef6aef1
- SHA1
  
  99ced63b28ed88283f8b293d1a4804acb22cf01c
- SHA256
  
  88ec98143583ec8e9c2ab137463322ce04bfb1a03f112fe1fb0d09ad502a1429
- SHA512
  
  4764ea38a57f5617ef748bc52cb9c6a0aa8c435dfd6dfdec993ecf113d3bd1e413b95c49b94424e5eb9256f525328746a894f8322ca8a4a3817a6c6a1243c6c3
- SSDEEP
  
  3072:y99yINAgKjV545jbvk5Hbe7fMuJN07TBqKj+EmfJ9K4b5bPmmmWMIwvcXvQgbY:1INAgKjV5Cjbvk5Hbe7fMuJN07T49K49
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Deletes itself
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Snake Keylogger

Snake Keylogger payload

Snakekeylogger family

Deletes itself

Looks up external IP address via web service

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2