Rewterz Threat Alert – Snake Keylogger’s Malware

Rewterz Threat Alert – Calypso APT Group’s Attack On A Telecommunications Company In Kazakhstan – Active IOCs

May 4, 2022

Rewterz Threat Advisory – CVE-2022-28193 – NVIDIA Jetson Linux Driver Package Vulnerability

May 5, 2022

Rewterz Threat Alert – Snake Keylogger’s Malware – Active IOCs

Severity

Medium

Analysis Summary

Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.

Impact

Credential Theft

Indicators of Compromise

MD5

dcb7eb5b0d29eaa06ed10d93b5b05875

SHA-256

859f9ec9998203f25efb38f3487739606947c36d9763e4bb276cc068e380ea97

SHA-1

52d52a1d4628524a651e3dc3b165a6118002c25b

Remediation

Block all threat indicators at your respective controls.
Search for IOCs in your environment