snakekeylogger | 87b3487f64f3be55dd90700c67617d28a65457759e801cefd5369872e3dc2c7f | Triage

Submit
Reports

Overview

overview

Static

static

3

0aa00f0470...18.exe

windows7-x64

0aa00f0470...18.exe

windows10-2004-x64

Sharing

General

Target

0aa00f0470dc38c15fe8e99376c5e272_JaffaCakes118
Size

1.1MB
Sample

240624-yy9baa1clg
MD5

0aa00f0470dc38c15fe8e99376c5e272
SHA1

e5ac210cb54910b2b21ce1845675540b5fdb049e
SHA256

87b3487f64f3be55dd90700c67617d28a65457759e801cefd5369872e3dc2c7f
SHA512

4ccc93058ff0d7db90547713abe8c48985cd7ffe28ac74bdea89967d3ee5003cc3fbf7402e7effe210032a131c314b96fe9bb94b30045b0becc69fae982a029d
SSDEEP

12288:GVmMp+Nj6jRPLjRPqjBjjyjBjBjBjBjLj3QoL6o2LE59w8t1chat8Z2hWfTa5hBt:EQpo2LY241cMt7h2Tacul1aWM8M5

Score

10^/10

snakekeylogger keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0aa00f0470dc38c15fe8e99376c5e272_JaffaCakes118.exe

Resource

win7-20240220-en

snakekeylogger keylogger stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0aa00f0470dc38c15fe8e99376c5e272_JaffaCakes118.exe

Resource

win10v2004-20240508-en

snakekeylogger keylogger stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

snakekeylogger

C2

https://api.telegram.org/bot1599185091:AAFwjZ99E4P1IuAWSo1Ue568J97WLOPoV88/sendMessage?chat_id=652007142

Targets

- Target
  
  0aa00f0470dc38c15fe8e99376c5e272_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  0aa00f0470dc38c15fe8e99376c5e272
- SHA1
  
  e5ac210cb54910b2b21ce1845675540b5fdb049e
- SHA256
  
  87b3487f64f3be55dd90700c67617d28a65457759e801cefd5369872e3dc2c7f
- SHA512
  
  4ccc93058ff0d7db90547713abe8c48985cd7ffe28ac74bdea89967d3ee5003cc3fbf7402e7effe210032a131c314b96fe9bb94b30045b0becc69fae982a029d
- SSDEEP
  
  12288:GVmMp+Nj6jRPLjRPqjBjjyjBjBjBjBjLj3QoL6o2LE59w8t1chat8Z2hWfTa5hBt:EQpo2LY241cMt7h2Tacul1aWM8M5
Score

10^/10

snakekeylogger keylogger stealer
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

snakekeyloggerkeyloggerstealer

behavioral2

snakekeyloggerkeyloggerstealer

© 2018-2024

Terms | Privacy