Rewterz Threat Alert – MuddyWater APT – Active IOCs
July 2, 2022Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs
July 2, 2022Rewterz Threat Alert – MuddyWater APT – Active IOCs
July 2, 2022Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs
July 2, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- b73ccd07bd09ab666dfd8d72cb8d4907
SHA-256
- f1312900d32d42e3cb62a876aded09ad730ee2ff5324a6bc03058c015b1516b3
SHA-1
- 4262c2c2f6e5cd5dca4f2535759f8444ac20b74c
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment