snakekeylogger | ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0 | Triage

Submit
Reports

Overview

overview

Static

static

5

ff11459566...b0.exe

windows7-x64

ff11459566...b0.exe

windows10-2004-x64

3

Sharing

General

Target

ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0.exe
Size

976KB
Sample

250110-r9cywsxndz
MD5

43743091973b08e4265bb937d78d0522
SHA1

142851ffb4aa49a41edb2bfb83d8459138582b27
SHA256

ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0
SHA512

9745ba5fdf5bb77c8ce1350a8e18e4e6fce73d8084a3b1f1db26cbdbf8b63a6cabe16de80227f93496c4eb13bac6795b2daf9af696f5da3f63983bf3dfb8c275
SSDEEP

24576:1u6J33O0c+JY5UZ+XC0kGso6FaPX+8n5QU2PvhfWY:Xu0c++OCvkGs9FaPTuTEY

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0.exe

Resource

win7-20240708-en

snakekeylogger discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot8124248958:AAHHSH6MqAJrQq3xcmINDov2O7_xgCmxgPE/sendMessage?chat_id=5808310347

Targets

- Target
  
  ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0.exe
- Size
  
  976KB
- MD5
  
  43743091973b08e4265bb937d78d0522
- SHA1
  
  142851ffb4aa49a41edb2bfb83d8459138582b27
- SHA256
  
  ff114595667cf12d185e3e147290d41d4f91b8c2a065812741e540e99c2f0db0
- SHA512
  
  9745ba5fdf5bb77c8ce1350a8e18e4e6fce73d8084a3b1f1db26cbdbf8b63a6cabe16de80227f93496c4eb13bac6795b2daf9af696f5da3f63983bf3dfb8c275
- SSDEEP
  
  24576:1u6J33O0c+JY5UZ+XC0kGso6FaPX+8n5QU2PvhfWY:Xu0c++OCvkGs9FaPTuTEY
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

© 2018-2025

Terms | Privacy