Rewterz Threat Alert – DJVU Ransomware – Active IOCs
June 23, 2022Rewterz Threat Alert – LokiBot Malware – Active IOCs
June 23, 2022Rewterz Threat Alert – DJVU Ransomware – Active IOCs
June 23, 2022Rewterz Threat Alert – LokiBot Malware – Active IOCs
June 23, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 3f757ca90fe03fa4d98079ac46419036
SHA-256
- 210702414590304946f6d8c5afac6a0b702e6268ba97b3eff88df86b14ebbf66
SHA-1
- dd2d8cc8b9bcb6114032c31f2d6bc57e0ae07be8
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment