Rewterz Threat Alert – Calypso APT Group’s Attack On A Telecommunications Company In Kazakhstan – Active IOCs
May 4, 2022Rewterz Threat Advisory – CVE-2022-28193 – NVIDIA Jetson Linux Driver Package Vulnerability
May 5, 2022Rewterz Threat Alert – Calypso APT Group’s Attack On A Telecommunications Company In Kazakhstan – Active IOCs
May 4, 2022Rewterz Threat Advisory – CVE-2022-28193 – NVIDIA Jetson Linux Driver Package Vulnerability
May 5, 2022Severity
Medium
Analysis Summary
Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.
Impact
- Credential Theft
Indicators of Compromise
MD5
- dcb7eb5b0d29eaa06ed10d93b5b05875
SHA-256
- 859f9ec9998203f25efb38f3487739606947c36d9763e4bb276cc068e380ea97
SHA-1
- 52d52a1d4628524a651e3dc3b165a6118002c25b
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment