Rewterz Threat Advisory – CVE-2022-41107 – Microsoft Office Graphics Vulnerability
November 22, 2022
Rewterz Threat Alert – Bitter APT Group – Active IOCs
November 22, 2022
Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger that was first spotted in late November 2020. Snake malware’s main feature is keylogging, but it also has additional capabilities such as taking screenshots and extracting data from the clipboard. Snake can also extract and exfiltrate data from browsers and email clients.
Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features and then generate new payloads. For this reason, the capabilities of samples found in the wild can vary.
Impact
- Credential Theft
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.