Rewterz Threat Alert – Amadey Botnet – Active IOCs
April 4, 2022Rewterz Threat Alert – ICS: Schneider Electric SCADAPack Workbench Vulnerability
April 4, 2022Rewterz Threat Alert – Amadey Botnet – Active IOCs
April 4, 2022Rewterz Threat Alert – ICS: Schneider Electric SCADAPack Workbench Vulnerability
April 4, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 1d7b3c307de368e09614e12461f7d7b5
SHA-256
- d5de4ca7241e482ed0a791977ccd6ad884d1d6004b77dfa75a77c463a4ea3b58
SHA-1
- aab767fc8ba5202ae572bb246d3c7ad7621fdc15
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment