Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
September 12, 2022Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
September 12, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
September 12, 2022Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
September 12, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 560d98818831ab073e69f636084bcec4
- 8caeede003c4c926b18a3417e1093456
SHA-256
- 367476973b5c300f5f38c50d8de7c813ad540137c0dff4c46d333fda0fd7b706
- 27d0e9216e9f98398cade44be9bff2a7f94e7bd08781574e29962af35c7d9c88
SHA-1
- 715bbffd16b2079184d8c9d7bb1e25f06ca684f5
- 23ad07d88d1da7261f72ade6ab60f187555fd3af
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment