Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
September 13, 2022Rewterz Threat Advisory – Multiple Apple Safari WebKit Vulnerabilities
September 13, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
September 13, 2022Rewterz Threat Advisory – Multiple Apple Safari WebKit Vulnerabilities
September 13, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 0428aee5565f3ddf92acc44d1ced7ff2
SHA-256
- 05f7f0302550e69fe3d24cfd9eef9a3f186f2742a15f4fb928463d14e0ab282d
SHA-1
- ca6ae7e244efceab3ae86b660bedd4bfbf7275f8
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment