Rewterz Threat Alert – RedLine Stealer – Active IOCs
June 1, 2022Rewterz Threat Alert – Lazarus APT Group – Active IOCs
June 1, 2022Rewterz Threat Alert – RedLine Stealer – Active IOCs
June 1, 2022Rewterz Threat Alert – Lazarus APT Group – Active IOCs
June 1, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
6f2e542170b003630ff37ccbcf8f0814
SHA-256
637975012cf4c551299419a4b3e52eae50743971a0ead8931d87a5a88072cf07
SHA-1
67830615a24b521c07105036837ec190995709e4
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment