Rewterz Threat Alert – Donot APT Group – Active IOCs
June 27, 2022Rewterz Threat Alert – DanaBot Trojan – Active IOCs
June 27, 2022Rewterz Threat Alert – Donot APT Group – Active IOCs
June 27, 2022Rewterz Threat Alert – DanaBot Trojan – Active IOCs
June 27, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 98885a49acb18833bf0a73ce8693a0e3
SHA-256
- f77b7a53564f8553d56104dc2ef6e13a18aceeee08365418c2181cfc765279b8
SHA-1
- 9870f8278b583460b544bb3486c5104b701a8d9a
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment