SnakeKeylogger: Multistage Info Stealer Malware Analysis & Prevention

SUMMARY :

SnakeKeylogger is a highly active credential-stealing malware targeting individuals and businesses. It employs a multi-stage infection chain, starting with malicious spam emails containing .img files. The malware uses sophisticated techniques like process hollowing and obfuscation to evade detection. It targets various applications, including web browsers, email clients, and FTP software, to harvest sensitive data and credentials. The campaign utilizes an Apache server for malware distribution, regularly updating encrypted payloads. SnakeKeylogger's primary objective is to collect Outlook profile credentials, email configurations, and stored authentication details, which can be exploited for business email compromise or sold on underground markets.

OPENCTI LABELS :

info-stealer,obfuscation,multi-stage,snakekeylogger,credential-theft,process-hollowing,spam-email,apache-server


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


SnakeKeylogger: Multistage Info Stealer Malware Analysis & Prevention