November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – APT MustangPanda – Active IOCs
July 14, 2022Rewterz Threat Alert – REvil Ransomware – Active IOCs
July 14, 2022Rewterz Threat Alert – APT MustangPanda – Active IOCs
July 14, 2022Rewterz Threat Alert – REvil Ransomware – Active IOCs
July 14, 2022
Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 911df0c54431f2895c2dd36cc2060587
- 162fa3b1bd235b0ca0cd3a98a63790e0
SHA-256
- cf0a6bc42740bf38caf87418ba9a7b8bf05a8de6e4f217f18788d06a1c30b3fd
- 88127a86496c370ba801ddbc1caa5866987669aa0c6bf89138595d3493efd415
SHA-1
- eedbebc111b5092feb02be54f26c3857f2cf4fe0
- 41df0e705c621dd412a4784d9aafc824a3f85f2d
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment