snakekeylogger | f8d16a2a7da4ed223329f2bb59f3e0296b6e3b36dee8f7e40a4c0d276a83032d | Triage

Submit
Reports

Overview

overview

Static

static

Sale_Contract.com.exe

windows7_x64

Sale_Contract.com.exe

windows10_x64

Sharing

General

Target

Sale_Contract.com.exe
Size

834KB
Sample

210121-d4qczq1dds
MD5

82da026cdda027fa16a19d91794c5f9e
SHA1

354c3df735d48efaba85680367a1bcb8af5e1c7d
SHA256

f8d16a2a7da4ed223329f2bb59f3e0296b6e3b36dee8f7e40a4c0d276a83032d
SHA512

d96994ca3f771a7e31ef7abfdb27526fd8a5c30e18255a2457831d70fdec9e9b4017c3e977de2a1c801112cd450eff7140642d45d527378e4bc6e6c1ba2ca9af

Score

10^/10

snakekeylogger keylogger ransomware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Sale_Contract.com.exe

Resource

win7v20201028

snakekeylogger keylogger ransomware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Sale_Contract.com.exe

Resource

win10v20201028

snakekeylogger keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.yandex.com
Port:
587
Username:
smt.treat@yandex.com
Password:
WyhjVTBX5hjrgu7

Targets

- Target
  
  Sale_Contract.com.exe
- Size
  
  834KB
- MD5
  
  82da026cdda027fa16a19d91794c5f9e
- SHA1
  
  354c3df735d48efaba85680367a1bcb8af5e1c7d
- SHA256
  
  f8d16a2a7da4ed223329f2bb59f3e0296b6e3b36dee8f7e40a4c0d276a83032d
- SHA512
  
  d96994ca3f771a7e31ef7abfdb27526fd8a5c30e18255a2457831d70fdec9e9b4017c3e977de2a1c801112cd450eff7140642d45d527378e4bc6e6c1ba2ca9af
Score

10^/10

snakekeylogger keylogger ransomware stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger Payload
- Drops startup file
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
  ransomware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

snakekeyloggerkeyloggerransomwarestealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy