Rewterz Threat Alert – SNAKE Ransomware – Active IOCs

February 7, 2022

Severity

High

Analysis Summary

Snake emerged for the first time in late November 2020. Since then, malicious actors have been distributing Snake through phishing attacks. Snake ransomware is written in Golang, an open-source programming language that supports several operating systems. It deletes the computer’s Shadow Volume Copies and terminates processes linked to SCADA systems, virtual machines, industrial control systems, remote management tools, network management applications, and other programs. This ransomware has been targeting the operations and files of industrial control systems. During encryption, Snake skips all Windows and other system directories on the machine. Compared with other ransomware, its encryption procedure is slower.

Impact

  • File Encryption

Indicators of Compromise

Filename

  • IEnumIDENTITYATTRIBU[.]exe
  • pblv[.]dll

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.
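
One way to carry out the IOC search step, as an added example that is not code from this advisory: it parses indicator bullets in the advisory's format (defanged filenames, hashes classified by hex length as MD5, SHA-1 or SHA-256) and sweeps a directory tree for matches. The function names are assumptions, and the demo file and its hash are constructed for illustration.

```python
import hashlib
import os
import re
import tempfile

HASH_ALGOS = {32: "md5", 40: "sha1", 64: "sha256"}  # hex length -> algorithm

def parse_iocs(lines):
    """Split advisory bullet lines into refanged filenames and hashes by type."""
    names, hashes = set(), {a: set() for a in HASH_ALGOS.values()}
    for raw in lines:
        item = raw.strip().lstrip("•").strip().replace("[.]", ".")
        if re.fullmatch(r"[0-9a-fA-F]+", item) and len(item) in HASH_ALGOS:
            hashes[HASH_ALGOS[len(item)]].add(item.lower())
        elif item:
            names.add(item.lower())
    return names, hashes

def digest_file(path, algos):
    """Read the file once and compute every requested digest."""
    hs = {a: hashlib.new(a) for a in algos}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hs.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hs.items()}

def sweep(root, names, hashes):
    """Return sorted (path, reason) hits; reason is 'filename' or the hash type."""
    algos = [a for a, known in hashes.items() if known]
    hits = []
    for d, _, files in os.walk(root):
        for f in files:
            p = os.path.join(d, f)
            if f.lower() in names:
                hits.append((p, "filename"))
            try:
                digests = digest_file(p, algos)
            except OSError:  # unreadable or locked file: skip it
                continue
            hits += [(p, a) for a, v in digests.items() if v in hashes[a]]
    return sorted(hits)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed demo tree
        with open(os.path.join(d, "sample.bin"), "wb") as fh:
            fh.write(b"constructed sample")
        bullets = ["  • pblv[.]dll", "  • " + hashlib.sha256(b"constructed sample").hexdigest()]
        print(sweep(d, *parse_iocs(bullets)))
```

A filename-only hit is weaker evidence than a hash hit, since names are trivially changed; treat it as a lead to verify rather than a confirmed detection.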