snakekeylogger | a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc | Triage

Submit
Reports

Overview

overview

Static

static

5

a6f6e18a65...dc.exe

windows7-x64

a6f6e18a65...dc.exe

windows10-2004-x64

Sharing

General

Target

a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc.exe
Size

924KB
Sample

250110-rfj54swmbw
MD5

39fe6aa3bfcf971e363ec7865079fa05
SHA1

7f97b49491bcda0402a02d0a1946b0853c507d6e
SHA256

a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc
SHA512

46f3ea719488dc5a847baafb2e581f45845dd0fb902d7bcf50f6d865d1730d14d8d55b481be5f3be0be879766486e500ef5813d86bde7dc230d0dab90d2db40b
SSDEEP

12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLwlVZGnxitFM+pJiADs/3FzmaE:ffmMv6Ckr7Mny5QLbnHYius1mL

Score

10^/10

snakekeylogger discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc.exe

Resource

win7-20240729-en

snakekeylogger discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc.exe

Resource

win10v2004-20241007-en

snakekeylogger discovery keylogger stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
pakcentar.ba
Port:
587
Username:
[email protected]
Password:
Almir.KardasPC!18_
Email To:
[email protected]

Targets

- Target
  
  a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc.exe
- Size
  
  924KB
- MD5
  
  39fe6aa3bfcf971e363ec7865079fa05
- SHA1
  
  7f97b49491bcda0402a02d0a1946b0853c507d6e
- SHA256
  
  a6f6e18a65c1b0247944a3d52d26d7616290ef28c8aba5b48253d125887e83dc
- SHA512
  
  46f3ea719488dc5a847baafb2e581f45845dd0fb902d7bcf50f6d865d1730d14d8d55b481be5f3be0be879766486e500ef5813d86bde7dc230d0dab90d2db40b
- SSDEEP
  
  12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLwlVZGnxitFM+pJiADs/3FzmaE:ffmMv6Ckr7Mny5QLbnHYius1mL
Score

10^/10

snakekeylogger discovery keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggerdiscoverykeyloggerstealer

behavioral2

snakekeyloggerdiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy