Rewterz Threat Alert – APT Group Gamaredon – Active IOCs
September 6, 2022Rewterz Threat Alert – SystemBC Malware – Active IOCs
September 6, 2022Rewterz Threat Alert – APT Group Gamaredon – Active IOCs
September 6, 2022Rewterz Threat Alert – SystemBC Malware – Active IOCs
September 6, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- f8207b812176103273b82607d3aee04a
- 323217475530c0539cc50e5f2e6d7020
- c21f3c62e113daf1f4f87161c6632c4a
SHA-256
- 2d1f7839b1a09da19fce710d75d56584e99cf2b4370b912b05511eb52e8c9e60
- be2cdcef94ce766070fa9b634b235dbd47c197630848ec4cd35f48d1f608a294
- 91e81bbe8bad4d6a7bc71eb8ea04edb04553bde2df09e4a3066b9cd33267cbfd
SHA-1
- 1511143965f1b62a4299ca759ac5bba6ee60fa7b
- b2c9027634885625c48893159468983bba01494b
- 6051033480d013927c793c2738e7a2ec5d13d509
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment