• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Remcos RAT – Active IOCs
September 11, 2022
Rewterz Threat Alert – Ryuk Ransomware – Active IOCs
September 11, 2022

Rewterz Threat Alert – Snake Keylogger’s Malware – Active IOCs

September 11, 2022

Severity

Medium

Analysis Summary

Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.

Impact

  • Credential Theft

Indicators of Compromise

MD5

  • 36e4f762e5ee160bc9417fa24e8eef2c
  • 9cd4210ef1f8b56a77cdd29f42f97856
  • 50ed1c9fa4fb4ff38ad6754183b5b3ef

SHA-256

  • 5d1a0aadb2c6564ddef639c6d6f1a987ab10cb28b0ce4b519d2b025bca91e20e
  • 74be943dc609e0f46ffc2dea393bbc77c03fc02b16d343b82fe241cb29477255
  • a202f5194bc6c7ca2e825590fd3ca642696fcee88441832d386918b576381371

SHA-1

  • c82ba17f240172ebef646ff8f0ea5b9d8de5694b
  • db4ad8c0d8debc037154f587b8ce33877732dbc3
  • eab5e3523c6dc24cf741ebfabe6048b0ffa93c06

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment
  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.