SnakeKeylogger – A Multistage Info Stealer Malware Campaign

SUMMARY :

This analysis explores a sophisticated malware campaign utilizing SnakeKeylogger, a credential-stealing threat. The attack begins with malicious spam emails containing disguised attachments. The infection chain involves multiple stages, including encrypted payload delivery, process hollowing, and stealthy execution. SnakeKeylogger targets various applications to harvest sensitive data, including web browsers, email clients, and FTP software. The malware employs advanced evasion techniques such as obfuscation and memory injection. It specifically targets Microsoft Outlook profiles and Wi-Fi credentials. The campaign demonstrates a structured approach with regular payload updates and abuse of legitimate servers for distribution. This threat poses significant risks for data theft and potential business email compromise.

OPENCTI LABELS :

info-stealer,obfuscation,snakekeylogger,process-hollowing


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


SnakeKeylogger – A Multistage Info Stealer Malware Campaign