Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
April 8, 2022Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
April 8, 2022Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
April 8, 2022Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
April 8, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- 5cebb01c77c88f49771883f4bad93b18
SHA-256
- 580623b3323c1781f3a81411ead6dc05148c612c6acfbcf339710acda2672d61
SHA-1
- 69d2ff83f2195b09eefddf80547e8898dfe9810c
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment