March 11, 2025

March 11, 2025

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

Rewterz Threat Alert – AveMaria RAT – Active IOCs

September 18, 2022

Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs

September 18, 2022

Rewterz Threat Alert – Snake Keylogger’s Malware – Active IOCs

September 18, 2022

Severity

Medium

Analysis Summary

Snake is a modular .NET keylogger and credential stealer first spotted in late November 2020. Since then, new campaigns spreading this malware have been seen almost daily. Snake’s name was derived from strings found in its log files and string obfuscation code. Using the malware’s builder, a threat actor can select and configure desired features then generate new payloads. For this reason, the capabilities of samples found in the wild can vary. Analysing Snake reveals that it is a comprehensive keylogger and data stealer.

Impact

Credential Theft

Indicators of Compromise

MD5

0398ad5bdd89eaaa5846f523f4965b63
3cea5de881d6e75a2339057080544c8e
3f4bc3cecc631cde49babe6d047dfd9f

SHA-256

722a3599f70c013fe933904f6b7e64e5a4c4db633dc1940fd1f58961de4c9e07
aad00db4310d0c0fb83402476deddf7e1841e5837bc6514d1e90c73b262c5568
01533b1619bd915c999d6ea3fbe658a8bea193df8ff6f0f62303ce162a42905e

SHA-1

dedc40aa574bf79036e8ad271840b1d93b3cac16
c9e51d5bfdc61ade3713667302eb880aa0a9f7c1
9eccbaef8c89fc8506bafbc40af7eee94b679a47

Remediation

Block all threat indicators at your respective controls.
Search for IOCs in your environment

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – AveMaria RAT – Active IOCs

Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs