Rewterz Threat Alert – RedLine Stealer – Active IOCs
September 4, 2022Rewterz Threat Update – Samsung Confirms A Second Data Breach This Year
September 4, 2022Rewterz Threat Alert – RedLine Stealer – Active IOCs
September 4, 2022Rewterz Threat Update – Samsung Confirms A Second Data Breach This Year
September 4, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 1f833a0caa92a3f51bc7f4dc95025716
- 2286ec7ec774243da092b160bfb99b77
- 05271d1bc0483ea2a38cc5d18f99e5a3
SHA-256
- f3db1e8a58628c87eee0e253de8bbf0a697f628b4fe500a32fe44c679ae07a20
- 04f03fd2ca5901c6f17d44e741c0a8ffb71b6029f8d317377460f0314b8473f9
- d64db30dc78fe6e8e527f19ca7e5d2e8224d01b5a7c747165f0747ec62867faa
SHA-1
- 1e5f103d8de45d4c91701398c60bcdfeb30dd117
- 23ea1d7f3ffc9ea1cafdfcd101a0fe49acdb12c3
- 79a9b8c3070d9b6b385ea571f03fb1ce1134938f
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment