Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 17, 2022Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
June 17, 2022Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 17, 2022Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
June 17, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 634f0c5ca3e90021fc11776dd64c7b2c
SHA-256
- e36d8245a92e8ea1f7d8b5145449d82ec3bdbdd7e3f369306dc065d2396b392e
SHA-1
- 4fa72decf07b94b63bee21f5714d011519f80e9c
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment