Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
June 7, 2022Rewterz Threat Alert – Phobos Ransomware – Active IOCs
June 7, 2022Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
June 7, 2022Rewterz Threat Alert – Phobos Ransomware – Active IOCs
June 7, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 0f2c54a326ed6af2aad7cd6eea8ba79b
- a0c9f05b46265de04bb5a793dcf6a479
SHA-256
- 86b8a97c85ffb2a8d95daca1f730b45bb92fa8c8de0df927cd79bb1d7ee83dc9
- 9481aaf648de57ecfd38ddac3a01747a9637bfaa84e9b1dce9a481c257b1728d
SHA-1
- e0362e65c57a48b801a96cdc05f9f167c5cb4e76
- ab8e4a79076e64e9d56ce1e3978a1c0d7cf37696
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment