snakekeylogger | 22b68a9da252f7bf1200cf9050c7492f7c8ec26f645119e22c64b64bce44ab96 | Triage

Submit
Reports

Overview

overview

Static

static

3

faktura PL... .scr

windows10-2004-x64

Sharing

General

Target

faktura_PLN_11_242.83_pdf_________________________________________________________________.img
Size

90KB
Sample

250414-sqwgka1was
MD5

634f910cfdd4f4a911faaede71dbc1b7
SHA1

d41cdc6f26d9c31f3ed12ddef94b03b759ec93c0
SHA256

22b68a9da252f7bf1200cf9050c7492f7c8ec26f645119e22c64b64bce44ab96
SHA512

91bce06a7ba4fcbbee280607c938e9abe4f8a8df1cc7b187c3f08bb4c3303ab6cf89a149ffd9d46a158e62b6cb77344d72bfbb22a4e599a199d6b68c04e30cab
SSDEEP

768:gm56Om/sAb0BgmhQ2mEF0KSCdgKk0Dqo0jgWDu01L3x+1ga:169EAwBgmhQ2mEF0skC6dc1ga

Score

10^/10

snakekeylogger collection keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

faktura PLN 11,242.83_pdf .scr

Resource

win10v2004-20250314-en

snakekeylogger collection keylogger stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot7949470700:AAFn2qNN6gr70Yu8GL1tjixCC59lH1vIsb4/sendMessage?chat_id=1018401531

Targets

- Target
  
  faktura PLN 11,242.83_pdf .scr
- Size
  
  30KB
- MD5
  
  27b1ddaf62cfcdf4c43b4c6cff03e2b2
- SHA1
  
  11b0cb163c84530b8d46cf826f331435c61e11c5
- SHA256
  
  05b8fb268ef66034d4922652457db7e388b39213886e368611c4a1f994773349
- SHA512
  
  7a6733f2ceda906c9ed27e51757a01595160bd420f5b4a96c9cd943cc3b65ddba9d5ec14d764ca23f121757c5607c3840b0fbef9a4be4c2c27c3f346766fde69
- SSDEEP
  
  768:Z56Om/sAb0BgmhQ2mEF0KSCdgKk0Dqo0jgWDu01L3x+1ga:H69EAwBgmhQ2mEF0skC6dc1ga
Score

10^/10

snakekeylogger collection keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- Snakekeylogger family
  snakekeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

snakekeyloggercollectionkeyloggerstealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.