ภาษาไทย
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#snakekeylogger ผลการค้นหา

RexorVc0's profile picture. Threat Researcher at @socradar | Malware Researcher | Threat Hunter | CTI ¦ Former @ElevenPaths @Panda_Security
Aaron Jornet
@RexorVc0
17 พ.ย.

📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com

RexorVc0's tweet image. 📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com
RexorVc0's tweet image. 📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com
1
9
36
7
4พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
10 ส.ค.

a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger

skocherhan's tweet image. a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger
skocherhan's tweet image. a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger
0
0
1
0
208
Gi7w0rm's profile picture. Threat Intelligence Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p 🇪🇺🇩🇪🇺🇦🌈
Gi7w0rm
 @Gi7w0rm
8 มี.ค. 2024

#SnakeKeylogger using #Telegram #C2 1652 unique Victim IPs identified, Actor Telegram Information: id: 5262627523 first_name: 30315 last_name: New Hope Bot Info: id: 6291795537 first_name: Aku1 username: Aku2bababot

Gi7w0rm's tweet image. #SnakeKeylogger using #Telegram #C2 1652 unique Victim IPs identified, Actor Telegram Information: id: 5262627523 first_name: 30315 last_name: New Hope Bot Info: id: 6291795537 first_name: Aku1 username: Aku2bababot
0
9
46
5
3พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
1 มิ.ย.

0935516f3052337adcd315df104fe9aa sales2@mesbarkaveh[.]ir #SnakeKeylogger

skocherhan's tweet image. 0935516f3052337adcd315df104fe9aa sales2@mesbarkaveh[.]ir #SnakeKeylogger
0
0
1
0
222
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
1 มิ.ย.

832776c38c845e55ceae72ca6ffb6587 servereric38@gpsamsterdamqroup[.]com ericsnakelogger@dklak[.]cam #SnakeKeylogger #VIPKeylogger

skocherhan's tweet image. 832776c38c845e55ceae72ca6ffb6587 servereric38@gpsamsterdamqroup[.]com ericsnakelogger@dklak[.]cam #SnakeKeylogger #VIPKeylogger
0
0
1
0
185
GenThreatLabs's profile picture. A global network of #cybersecurity researchers at Gen, protecting nearly 500M people through our Cyber Safety brands - @Norton, @Avast, @LifeLock & more.
Gen Threat Labs
@GenThreatLabs
9 ต.ค.

🚨We are observing a new active #infostealer #SnakeKeylogger campaign. The threat is distributed via e-mails 📧 with sender aliases such as "CPA-Payment Files" impersonating CPAGlobal / @Clarivate. The e-mails contain ISO or ZIP files containing malicious BAT script downloading…

GenThreatLabs's tweet image. 🚨We are observing a new active #infostealer #SnakeKeylogger campaign. The threat is distributed via e-mails 📧 with sender aliases such as "CPA-Payment Files" impersonating CPAGlobal / @Clarivate. The e-mails contain ISO or ZIP files containing malicious BAT script downloading…
1
1
4
4
805
ryodan0x's profile picture. Nothing personal here .. just tech stuff
xRY0D4N
 @ryodan0x
12 เม.ย. 2023

I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.

ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
1
8
25
7
4พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
8 มิ.ย.

DHL_348255142_rar d2d301c2bb959dbb21c17cf3fca3124d alejandro.garcia@samacomendoza[.]com[.]ar #SnakeKeylogger

skocherhan's tweet image. DHL_348255142_rar d2d301c2bb959dbb21c17cf3fca3124d alejandro.garcia@samacomendoza[.]com[.]ar #SnakeKeylogger
0
1
1
0
147
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
8 พ.ค.

993ad61c00602e484415f04414b18d2d Creation Time 2025-05-07 06:18:34 UTC samet@imzalimetal[.]com[.]tr #SnakeKeylogger

skocherhan's tweet image. 993ad61c00602e484415f04414b18d2d Creation Time 2025-05-07 06:18:34 UTC samet@imzalimetal[.]com[.]tr #SnakeKeylogger
skocherhan's tweet image. 993ad61c00602e484415f04414b18d2d Creation Time 2025-05-07 06:18:34 UTC samet@imzalimetal[.]com[.]tr #SnakeKeylogger
0
0
2
0
145
James_inthe_box's profile picture.
James
 @James_inthe_box
3 ก.ค.

Been seeing a spate of side-loaded dll's...usually #snakekeylogger as of late: app.any.run/tasks/acf4c11a…

James_inthe_box's tweet image. Been seeing a spate of side-loaded dll's...usually #snakekeylogger as of late: app.any.run/tasks/acf4c11a…
2
5
46
7
5พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
8 ส.ค.

e9ec4a29ee8e1e68cf0bd3ff77e74dfd ismail@senkar[.]com[.]tr akuwork38@gmail[.]com #SnakeKeylogger @TRCert

skocherhan's tweet image. e9ec4a29ee8e1e68cf0bd3ff77e74dfd ismail@senkar[.]com[.]tr akuwork38@gmail[.]com #SnakeKeylogger @TRCert
0
0
3
1
171
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
21 เม.ย.

Halkbank_Ekstre_620_01100333_exe 70ec09d595ac5ad07e597d096bc8e05d bigbellymann@yandex[.]com info@ozdenticaret[.]com[.]tr mail[.]ozdenticaret[.]com[.]tr:587 89[.]252[.]131[.]35 AS51559 Netinternet Bilisim Teknolojileri AS 🇹🇷 #SnakeKeylogger @Netinternet

skocherhan's tweet image. Halkbank_Ekstre_620_01100333_exe 70ec09d595ac5ad07e597d096bc8e05d bigbellymann@yandex[.]com info@ozdenticaret[.]com[.]tr mail[.]ozdenticaret[.]com[.]tr:587 89[.]252[.]131[.]35 AS51559 Netinternet Bilisim Teknolojileri AS 🇹🇷 #SnakeKeylogger @Netinternet
0
1
3
0
541
osipov_ar's profile picture. MSTIC RE @Microsoft | Ex @Morphisec, Check Point Research | RE, Malware & Threat hunting | Software Engineer.
Arnold Osipov
 @osipov_ar
15 มี.ค. 2023

#Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d

osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
0
6
23
1
4พัน
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
20 ก.พ. 2023

⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…

1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1
19
39
4
10พัน
tccontre18's profile picture. tweets are my own😉 Threat Researcher - interested in: (R.E, Red/Blue/Purple Team, DFIR, ML, Kernel, Exploit Dev) - https://t.co/qJyB5lIuHj
Br3akp0int
 @tccontre18
12 มี.ค. 2024

happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…

tccontre18's tweet image. happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…
tccontre18's tweet image. happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…
tccontre18's tweet image. happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…
0
29
68
22
5พัน
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
3 ต.ค. 2024

🚨#Opendir #Malware🚨 hxxp://172.245.123.9/780/ ⚠️#SnakeKeyLogger ☣️dllhost.exe➡️46ce226283fb84a52a6a902fc7032363 📡C2:mail.kotobagroup.]com:587 🔑 User:[email protected] 🔑Pass:Kotoba@2022!

ShanHolo's tweet image. 🚨#Opendir #Malware🚨 hxxp://172.245.123.9/780/ ⚠️#SnakeKeyLogger ☣️dllhost.exe➡️46ce226283fb84a52a6a902fc7032363 📡C2:mail.kotobagroup.]com:587 🔑 User:kjlc@kotobagroup.com 🔑Pass:Kotoba@2022!
2
0
6
0
3พัน
James_inthe_box's profile picture.
James
 @James_inthe_box
24 พ.ย.

#snakekeylogger at: https://intesmak\.com/obitwo c2: https://api.telegram\.org/bot8099843793:AAGeYKMLti1IpyT9o6bz7OtgdXF9md25uXA

James_inthe_box's tweet image. #snakekeylogger at: https://intesmak\.com/obitwo c2: https://api.telegram\.org/bot8099843793:AAGeYKMLti1IpyT9o6bz7OtgdXF9md25uXA
1
3
5
0
1พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
21 เม.ย.

5c5554f94ff082de987f1b6cd87d6fa7 crossadam240@proton[.]me purchase@yashseals[.]com mail[.]yashseals[.]com:587 103[.]14[.]97[.]241 AS396904 QUALISPACE-ASN 🇮🇳 #SnakeKeylogger

skocherhan's tweet image. 5c5554f94ff082de987f1b6cd87d6fa7 crossadam240@proton[.]me purchase@yashseals[.]com mail[.]yashseals[.]com:587 103[.]14[.]97[.]241 AS396904 QUALISPACE-ASN 🇮🇳 #SnakeKeylogger
skocherhan's tweet image. 5c5554f94ff082de987f1b6cd87d6fa7 crossadam240@proton[.]me purchase@yashseals[.]com mail[.]yashseals[.]com:587 103[.]14[.]97[.]241 AS396904 QUALISPACE-ASN 🇮🇳 #SnakeKeylogger
0
0
2
1
288
James_inthe_box's profile picture.
James
 @James_inthe_box
24 พ.ย.

#snakekeylogger at: https://intesmak\.com/obitwo c2: https://api.telegram\.org/bot8099843793:AAGeYKMLti1IpyT9o6bz7OtgdXF9md25uXA

James_inthe_box's tweet image. #snakekeylogger at: https://intesmak\.com/obitwo c2: https://api.telegram\.org/bot8099843793:AAGeYKMLti1IpyT9o6bz7OtgdXF9md25uXA
1
3
5
0
1พัน
RexorVc0's profile picture. Threat Researcher at @socradar | Malware Researcher | Threat Hunter | CTI ¦ Former @ElevenPaths @Panda_Security
Aaron Jornet
@RexorVc0
17 พ.ย.

📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com

RexorVc0's tweet image. 📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com
RexorVc0's tweet image. 📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com
1
9
36
7
4พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
30 ต.ค.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/10/30 ■件名 FW: Remittance Advice Swift Identifier UTRI : CustID (略) ■添付ファイル S00010 UTR 11000 Swift 301025 pdf.z -> exe tria.ge/251030-jlhv8sv… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )

tdatwja's profile picture.
misaki
 @tdatwja
30 ต.ค.

日本語マルウェアメールの接到を確認しています。 件名: FW: Remittance Advice Swift Identifier UTRI : CustID 56258XXXX_0075NSMT103I0020526 添付ファイル: S00010 UTR 11000 Swift 301025 pdf.z -> exe MD5: 9d742de1427435bf6b989efca7a6609d Sample: tria.ge/251030-jlhv8sv…

tdatwja's tweet image. 日本語マルウェアメールの接到を確認しています。 件名: FW: Remittance Advice Swift Identifier UTRI : CustID 56258XXXX_0075NSMT103I0020526 添付ファイル: S00010 UTR 11000 Swift 301025 pdf.z -> exe MD5: 9d742de1427435bf6b989efca7a6609d Sample: tria.ge/251030-jlhv8sv…
0
3
8
0
4พัน
0
2
6
0
3พัน
JAMESWT_WT's profile picture. #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW https://t.co/WODUKncjFy
JAMESWT
 @JAMESWT_WT
14 ต.ค.

"Firma questi documenti con una penna blu!" 👇 Protocol: smtp webmail.ki-lojaobrinquedos.]com.]br Username: vendas@feiraodoscabelos.]com.]br Email To: nolimitforce@yandex.]com 👇 #snakekeylogger 👇 Samples bazaar.abuse.ch/browse/tag/web… AnyRUn app.any.run/tasks/c7207813…

JAMESWT_WT's tweet image. "Firma questi documenti con una penna blu!" 👇 Protocol: smtp webmail.ki-lojaobrinquedos.]com.]br Username: vendas@feiraodoscabelos.]com.]br Email To: nolimitforce@yandex.]com 👇 #snakekeylogger 👇 Samples bazaar.abuse.ch/browse/tag/web… AnyRUn app.any.run/tasks/c7207813…
JAMESWT_WT's tweet image. "Firma questi documenti con una penna blu!" 👇 Protocol: smtp webmail.ki-lojaobrinquedos.]com.]br Username: vendas@feiraodoscabelos.]com.]br Email To: nolimitforce@yandex.]com 👇 #snakekeylogger 👇 Samples bazaar.abuse.ch/browse/tag/web… AnyRUn app.any.run/tasks/c7207813…
1
4
20
1
10พัน
zettakolkata's profile picture. An ISO/IEC 27001:2013 & ISO/IEC 20000-1:2018 Certified Cyber Security Consulting Organization.
Zettawise Consulting
 @zettakolkata
13 ต.ค.

How ‘Snake Keylogger’ Uses ISO Files to Steal Sensitive Information zettawise.in/blog/article/b… #snakekeylogger #malware #ISOfiles #zettwaise

zettakolkata's tweet image. How ‘Snake Keylogger’ Uses ISO Files to Steal Sensitive Information zettawise.in/blog/article/b… #snakekeylogger #malware #ISOfiles #zettwaise
0
0
0
0
26
GenThreatLabs's profile picture. A global network of #cybersecurity researchers at Gen, protecting nearly 500M people through our Cyber Safety brands - @Norton, @Avast, @LifeLock & more.
Gen Threat Labs
@GenThreatLabs
9 ต.ค.

🚨We are observing a new active #infostealer #SnakeKeylogger campaign. The threat is distributed via e-mails 📧 with sender aliases such as "CPA-Payment Files" impersonating CPAGlobal / @Clarivate. The e-mails contain ISO or ZIP files containing malicious BAT script downloading…

GenThreatLabs's tweet image. 🚨We are observing a new active #infostealer #SnakeKeylogger campaign. The threat is distributed via e-mails 📧 with sender aliases such as "CPA-Payment Files" impersonating CPAGlobal / @Clarivate. The e-mails contain ISO or ZIP files containing malicious BAT script downloading…
1
1
4
4
805
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
24 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/24 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00008[.]rar -> .exe tria.ge/250924-jjgkdse… 見積依頼書 Q2509-00008[.]zip -> .exe tria.ge/250924-b9gdbaa… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )

bomccss's tweet image. 日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/24 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00008[.]rar -> .exe tria.ge/250924-jjgkdse… 見積依頼書 Q2509-00008[.]zip -> .exe tria.ge/250924-b9gdbaa… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )
bomccss's tweet image. 日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/24 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00008[.]rar -> .exe tria.ge/250924-jjgkdse… 見積依頼書 Q2509-00008[.]zip -> .exe tria.ge/250924-b9gdbaa… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )
1
10
27
7
4พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
24 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/22 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00009[.]zip -> .exe tria.ge/250924-jjgkdse… マルウェア種別は未判定ですが、恐らくは情報窃取マルウェアの #SnakeKeylogger

tdatwja's profile picture.
misaki
 @tdatwja
24 ก.ย.

日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼書 Q2509-00009 添付ファイル: Q2509-00009[.]zip -> exe MD5: e709639bd0072c40bc3641405120a0c1 Sample: tria.ge/250924-ccwx6sy…

tdatwja's tweet image. 日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼書 Q2509-00009 添付ファイル: Q2509-00009[.]zip -> exe MD5: e709639bd0072c40bc3641405120a0c1 Sample: tria.ge/250924-ccwx6sy…
0
4
10
1
3พัน
0
3
5
0
3พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
8 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/08 ■件名 注文書(西日本常盤商行 ■添付ファイル 常盤注文書0687-080925[.]zip -> .exe 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )

tdatwja's profile picture.
misaki
 @tdatwja
8 ก.ย.

日本語マルウェアメールの接到を確認しています。 件名:注文書(西日本常盤商行 添付ファイル:常盤注文書0687-080925.zip→exe MD5:753e00bc5ec44e7a62f5d89fd0f77022 C2: drive[.]google[.]com  → mail[.]gunesmetal[.]net  → api[.]telegram[.]org Sample: tria.ge/250908-btwhas1…

tdatwja's tweet image. 日本語マルウェアメールの接到を確認しています。 件名:注文書(西日本常盤商行 添付ファイル:常盤注文書0687-080925.zip→exe MD5:753e00bc5ec44e7a62f5d89fd0f77022 C2: drive[.]google[.]com  → mail[.]gunesmetal[.]net  → api[.]telegram[.]org Sample: tria.ge/250908-btwhas1…
0
8
30
3
6พัน
0
4
9
0
3พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
4 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/03 ■件名 見積依頼 ■添付ファイル 見積依頼 20250903_pdf.z -> exe 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger ) tria.ge/250904-c4p9psv…

tdatwja's profile picture.
misaki
 @tdatwja
4 ก.ย.

日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼 添付ファイル: 見積依頼 20250903_pdf.z -> exe MD5: 74f4cfe6ced8215a34c2edd23df9b4ab C2: drive[.]google[.]com -> mail[.]imzalimetal[.]com[.]tr -> api[.]telegram[.]org Sample: tria.ge/250904-c4p9psv…

tdatwja's tweet image. 日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼 添付ファイル: 見積依頼 20250903_pdf.z -> exe MD5: 74f4cfe6ced8215a34c2edd23df9b4ab C2: drive[.]google[.]com -> mail[.]imzalimetal[.]com[.]tr -> api[.]telegram[.]org Sample: tria.ge/250904-c4p9psv…
1
3
7
2
3พัน
1
5
7
1
2พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
3 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/03 ■件名 見積依頼 ■添付ファイル 見積依頼09032025_pdf.r00 ->.exe ダウンローダー #Guloader -> 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger ) tria.ge/250903-jk5zdas…

itc_uec's profile picture. 国立大学法人電気通信大学 情報基盤センターの公式アカウントです.このアカウントへのメッセージは確認・返信できません.教職員・学生の方は情報基盤センター業務事務室 (https://t.co/v0ZVnu2YzW) にご連絡ください.
国立大学法人電気通信大学 情報基盤センター
 @itc_uec
3 ก.ย.

【2025/09/03】日本語で書かれたばらまき型攻撃メール(Guloader, VIP Keylogger)に関する注意喚起 ift.tt/wCOghrI

0
0
2
0
3พัน
0
7
13
1
3พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
2 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/02 ■件名 見積依頼 ■添付ファイル 見積依頼フォーム.zip ->.exe 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )

tdatwja's profile picture.
misaki
 @tdatwja
2 ก.ย.

日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼 添付ファイル: 見積依頼フォーム.zip -> exe MD5: d3048ffed5b3a53ea4527d07b0674a40 C2: drive[.]google[.]com -> mail[.]imzalimetal[.]com[.]tr -> api[.]telegram[.]org Sample: tria.ge/250902-ejd22sw…

tdatwja's tweet image. 日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼 添付ファイル: 見積依頼フォーム.zip -> exe MD5: d3048ffed5b3a53ea4527d07b0674a40 C2: drive[.]google[.]com -> mail[.]imzalimetal[.]com[.]tr -> api[.]telegram[.]org Sample: tria.ge/250902-ejd22sw…
0
6
12
4
5พัน
0
8
13
1
3พัน
JAMESWT_WT's profile picture. #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW https://t.co/WODUKncjFy
JAMESWT
 @JAMESWT_WT
30 ส.ค.

From #compromised #email @HotelParleInt #snakekeylogger👇 Protocol: smtp Host: ⚠️mail.hotelparleinternational.]com Username: ⚠️accounts@hotelparleinternational.]com Email To: ⚠️newupdatedauglog@onionmail.]org 👇Collection Samples Tagged and Updated👇 bazaar.abuse.ch/browse/tag/hot…

JAMESWT_WT's tweet image. From #compromised #email @HotelParleInt #snakekeylogger👇 Protocol: smtp Host: ⚠️mail.hotelparleinternational.]com Username: ⚠️accounts@hotelparleinternational.]com Email To: ⚠️newupdatedauglog@onionmail.]org 👇Collection Samples Tagged and Updated👇 bazaar.abuse.ch/browse/tag/hot…
JAMESWT_WT's tweet image. From #compromised #email @HotelParleInt #snakekeylogger👇 Protocol: smtp Host: ⚠️mail.hotelparleinternational.]com Username: ⚠️accounts@hotelparleinternational.]com Email To: ⚠️newupdatedauglog@onionmail.]org 👇Collection Samples Tagged and Updated👇 bazaar.abuse.ch/browse/tag/hot…
JAMESWT_WT's tweet image. From #compromised #email @HotelParleInt #snakekeylogger👇 Protocol: smtp Host: ⚠️mail.hotelparleinternational.]com Username: ⚠️accounts@hotelparleinternational.]com Email To: ⚠️newupdatedauglog@onionmail.]org 👇Collection Samples Tagged and Updated👇 bazaar.abuse.ch/browse/tag/hot…
0
2
10
0
889
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
29 ส.ค.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/08/29 ■件名 見積依頼 20250829131540 ■添付ファイル 見積依頼 20250829131540[.]zip ->.exe 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger ) tria.ge/250829-ms7pqav…

tdatwja's profile picture.
misaki
 @tdatwja
29 ส.ค.

日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼 20250829131540 添付ファイル: 見積依頼 20250829131540[.]zip  -> 見積依頼 20250829131540[.]exe MD5: 2b9c922d2fc588de36dad106ce147457 C2: mail[.]imzalimetal[.]com[.]tr Sample: tria.ge/250829-kenctaz…

tdatwja's tweet image. 日本語で書かれたマルウェアメールの接到を確認しています。 件名: 見積依頼 20250829131540 添付ファイル: 見積依頼 20250829131540[.]zip  -> 見積依頼 20250829131540[.]exe MD5: 2b9c922d2fc588de36dad106ce147457 C2: mail[.]imzalimetal[.]com[.]tr Sample: tria.ge/250829-kenctaz…
0
7
22
7
7พัน
0
10
17
3
4พัน
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
15 ส.ค.

Researchers analyzed a Snake Keylogger from MalwareBazaar, identifying C2 IPs and creating a Suricata rule to detect Base64-encoded SMTP data exfiltration of cookies and host info missed by existing ET rules. #SnakeKeylogger #MalwareDetection ift.tt/ACQ3Jbq

0
0
1
0
115
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
10 ส.ค.

a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger

skocherhan's tweet image. a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger
skocherhan's tweet image. a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger
0
0
1
0
208
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
10 ส.ค.

fd1c8dd8f87aedd8be39a7f611a5317e jioke@onionmail[.]org ceo@fgiltd[.]com[.]pk mail[.]fgiltd[.]com[.]pk #SnakeKeylogger

skocherhan's tweet image. fd1c8dd8f87aedd8be39a7f611a5317e jioke@onionmail[.]org ceo@fgiltd[.]com[.]pk mail[.]fgiltd[.]com[.]pk #SnakeKeylogger
skocherhan's tweet image. fd1c8dd8f87aedd8be39a7f611a5317e jioke@onionmail[.]org ceo@fgiltd[.]com[.]pk mail[.]fgiltd[.]com[.]pk #SnakeKeylogger
0
0
1
0
171
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
8 ส.ค.

e9ec4a29ee8e1e68cf0bd3ff77e74dfd ismail@senkar[.]com[.]tr akuwork38@gmail[.]com #SnakeKeylogger @TRCert

skocherhan's tweet image. e9ec4a29ee8e1e68cf0bd3ff77e74dfd ismail@senkar[.]com[.]tr akuwork38@gmail[.]com #SnakeKeylogger @TRCert
0
0
3
1
171
ไม่พบผลลัพธ์สำหรับ "#snakekeylogger"
Gi7w0rm's profile picture. Threat Intelligence Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p 🇪🇺🇩🇪🇺🇦🌈
Gi7w0rm
 @Gi7w0rm
8 มี.ค. 2024

#SnakeKeylogger using #Telegram #C2 1652 unique Victim IPs identified, Actor Telegram Information: id: 5262627523 first_name: 30315 last_name: New Hope Bot Info: id: 6291795537 first_name: Aku1 username: Aku2bababot

Gi7w0rm's tweet image. #SnakeKeylogger using #Telegram #C2 1652 unique Victim IPs identified, Actor Telegram Information: id: 5262627523 first_name: 30315 last_name: New Hope Bot Info: id: 6291795537 first_name: Aku1 username: Aku2bababot
0
9
46
5
3พัน
tccontre18's profile picture. tweets are my own😉 Threat Researcher - interested in: (R.E, Red/Blue/Purple Team, DFIR, ML, Kernel, Exploit Dev) - https://t.co/qJyB5lIuHj
Br3akp0int
 @tccontre18
12 มี.ค. 2024

happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…

tccontre18's tweet image. happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…
tccontre18's tweet image. happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…
tccontre18's tweet image. happy to share our latest #STRT Blog on #SnakeKeylogger! This includes the intriguing loader variant, Malware Analysis, TTPs we've extracted and a comprehensive list of our developed detections! 😊 #splunk #RE #int3 #blueteam #detectionengineering splunk.com/en_us/blog/sec…
0
29
68
22
5พัน
RexorVc0's profile picture. Threat Researcher at @socradar | Malware Researcher | Threat Hunter | CTI ¦ Former @ElevenPaths @Panda_Security
Aaron Jornet
@RexorVc0
17 พ.ย.

📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com

RexorVc0's tweet image. 📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com
RexorVc0's tweet image. 📡New research #SnakeKeylogger | #404Keylogger evolution - One of the most ᵾꞥfamous #malware used by all kinds of #TA and #campaigns ⛓️ #Phishing | Fake link > Loader > Persistence > Load code > #Snake > Obtain info > #Telegram 🔎Full research: rexorvc0.com
1
9
36
7
4พัน
James_inthe_box's profile picture.
James
 @James_inthe_box
3 ก.ค.

Been seeing a spate of side-loaded dll's...usually #snakekeylogger as of late: app.any.run/tasks/acf4c11a…

James_inthe_box's tweet image. Been seeing a spate of side-loaded dll's...usually #snakekeylogger as of late: app.any.run/tasks/acf4c11a…
2
5
46
7
5พัน
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
20 ก.พ. 2023

⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…

1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1ZRR4H's tweet image. ⚠️ MALSPAM en progreso, dirigido a empresas en Colombia 🇨🇴 y suplantando a @UNALOficial (Universidad Nacional de Colombia). Remote template: http://104.168.32.152/O__O.DOC #SnakeKeylogger + #opendir http://104.168.32.152/8787/ + bazaar.abuse.ch/sample/180a541…
1
19
39
4
10พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
24 ก.ย.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/24 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00008[.]rar -> .exe tria.ge/250924-jjgkdse… 見積依頼書 Q2509-00008[.]zip -> .exe tria.ge/250924-b9gdbaa… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )

bomccss's tweet image. 日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/24 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00008[.]rar -> .exe tria.ge/250924-jjgkdse… 見積依頼書 Q2509-00008[.]zip -> .exe tria.ge/250924-b9gdbaa… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )
bomccss's tweet image. 日本語のマルウェア付きメールが確認されています。 ■日時 2025/09/24 ■件名 見積依頼書 Q2509-00009 ■添付ファイル Q2509-00008[.]rar -> .exe tria.ge/250924-jjgkdse… 見積依頼書 Q2509-00008[.]zip -> .exe tria.ge/250924-b9gdbaa… 情報窃取マルウェア #VIPKeyLogger ( #SnakeKeyLogger )
1
10
27
7
4พัน
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
24 ต.ค. 2024

🚨#Opendir #Malware🚨 hxxp://172.245.123.45/292/ ⚠️#Snakekeylogger #Stealer ☣️wlanext.exe➡️dab02bda6040baa9dd55a267c40ef2ed 📡:hxxps://api.telegram.org/bot8129252196:AAFb_vUYwennKVolbwpXf3vnDfT_yhozHns/sendMessage?chat_id=7004340450

ShanHolo's tweet image. 🚨#Opendir #Malware🚨 hxxp://172.245.123.45/292/ ⚠️#Snakekeylogger #Stealer ☣️wlanext.exe➡️dab02bda6040baa9dd55a267c40ef2ed 📡:hxxps://api.telegram.org/bot8129252196:AAFb_vUYwennKVolbwpXf3vnDfT_yhozHns/sendMessage?chat_id=7004340450
0
1
4
2
400
ryodan0x's profile picture. Nothing personal here .. just tech stuff
xRY0D4N
 @ryodan0x
12 เม.ย. 2023

I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.

ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
ryodan0x's tweet image. I discovered that #SnakeKeylogger can start a communication using both FTP and SMTP as well as Telegram to send some collected information about the machine (find in images below), also the malware persists by creating a key value at SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
1
8
25
7
4พัน
Unit42_Intel's profile picture. The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
Unit 42
 @Unit42_Intel
17 ก.ย. 2024

2024-09-16 (Monday): Saw an #infostealer calling itself "VIP Recovery" which some might call #VIPKeyLogger. Further investigation indicates it's actually #SnakeKeyLogger. Indicators and more info available at bit.ly/3XLR715 #TimelyThreatIntel #Unit42ThreatIntel

Unit42_Intel's tweet image. 2024-09-16 (Monday): Saw an #infostealer calling itself "VIP Recovery" which some might call #VIPKeyLogger. Further investigation indicates it's actually #SnakeKeyLogger. Indicators and more info available at bit.ly/3XLR715 #TimelyThreatIntel #Unit42ThreatIntel
Unit42_Intel's tweet image. 2024-09-16 (Monday): Saw an #infostealer calling itself "VIP Recovery" which some might call #VIPKeyLogger. Further investigation indicates it's actually #SnakeKeyLogger. Indicators and more info available at bit.ly/3XLR715 #TimelyThreatIntel #Unit42ThreatIntel
Unit42_Intel's tweet image. 2024-09-16 (Monday): Saw an #infostealer calling itself "VIP Recovery" which some might call #VIPKeyLogger. Further investigation indicates it's actually #SnakeKeyLogger. Indicators and more info available at bit.ly/3XLR715 #TimelyThreatIntel #Unit42ThreatIntel
Unit42_Intel's tweet image. 2024-09-16 (Monday): Saw an #infostealer calling itself "VIP Recovery" which some might call #VIPKeyLogger. Further investigation indicates it's actually #SnakeKeyLogger. Indicators and more info available at bit.ly/3XLR715 #TimelyThreatIntel #Unit42ThreatIntel
2
37
98
28
9พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
1 มิ.ย.

0935516f3052337adcd315df104fe9aa sales2@mesbarkaveh[.]ir #SnakeKeylogger

skocherhan's tweet image. 0935516f3052337adcd315df104fe9aa sales2@mesbarkaveh[.]ir #SnakeKeylogger
0
0
1
0
222
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
3 ต.ค. 2024

🚨#Opendir #Malware🚨 hxxp://172.245.123.9/780/ ⚠️#SnakeKeyLogger ☣️dllhost.exe➡️46ce226283fb84a52a6a902fc7032363 📡C2:mail.kotobagroup.]com:587 🔑 User:[email protected] 🔑Pass:Kotoba@2022!

ShanHolo's tweet image. 🚨#Opendir #Malware🚨 hxxp://172.245.123.9/780/ ⚠️#SnakeKeyLogger ☣️dllhost.exe➡️46ce226283fb84a52a6a902fc7032363 📡C2:mail.kotobagroup.]com:587 🔑 User:kjlc@kotobagroup.com 🔑Pass:Kotoba@2022!
2
0
6
0
3พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
10 ส.ค.

a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger

skocherhan's tweet image. a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger
skocherhan's tweet image. a7f94c1c466bd19f01ca9c354be773d6 Onlyhme@proton[.]me support@v5infotech[.]com mail[.]v5infotech[.]com #SnakeKeylogger
0
0
1
0
208
osipov_ar's profile picture. MSTIC RE @Microsoft | Ex @Morphisec, Check Point Research | RE, Malware & Threat hunting | Software Engineer.
Arnold Osipov
 @osipov_ar
15 มี.ค. 2023

#Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d

osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
osipov_ar's tweet image. #Snakekeylogger - .eml -> .onepkg -> .one -> .vbs -> .ps1 -> .exe Displays a lure PDF downloaded from #opendir http://37.139.128[.]83/golden.pdf hash:ab7cf645055bcfc176ce50c7b2702231ac2070185b0e173551c18232ad596d7d
0
6
23
1
4พัน
ryodan0x's profile picture. Nothing personal here .. just tech stuff
xRY0D4N
 @ryodan0x
10 เม.ย. 2023

#snakekeylogger sample > executable in resource > .NET obfuscated executable deobfuscate with de4dot malware decrypt API key and chat Id of a telegram bot and communicate with it. yara rule and decryption script: github.com/xRY0D4N/Yara-R…

ryodan0x's tweet image. #snakekeylogger sample > executable in resource > .NET obfuscated executable deobfuscate with de4dot malware decrypt API key and chat Id of a telegram bot and communicate with it. yara rule and decryption script: github.com/xRY0D4N/Yara-R…
ryodan0x's tweet image. #snakekeylogger sample > executable in resource > .NET obfuscated executable deobfuscate with de4dot malware decrypt API key and chat Id of a telegram bot and communicate with it. yara rule and decryption script: github.com/xRY0D4N/Yara-R…
ryodan0x's tweet image. #snakekeylogger sample > executable in resource > .NET obfuscated executable deobfuscate with de4dot malware decrypt API key and chat Id of a telegram bot and communicate with it. yara rule and decryption script: github.com/xRY0D4N/Yara-R…
ryodan0x's tweet image. #snakekeylogger sample > executable in resource > .NET obfuscated executable deobfuscate with de4dot malware decrypt API key and chat Id of a telegram bot and communicate with it. yara rule and decryption script: github.com/xRY0D4N/Yara-R…
1
15
48
9
5พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
18 มี.ค.

日本語のマルウェア付きメールが確認されています。 ■日時 2025/03/18 ■件名 見積依頼 関電プラント向け. ■添付ファイル 見積依頼 関電プラント向け_pdf.r00 -> .exe tria.ge/250318-ggzxvav… 情報窃取マルウェア #SnakeKeyLogger (#vipkeylogger)

bomccss's tweet image. 日本語のマルウェア付きメールが確認されています。 ■日時 2025/03/18 ■件名 見積依頼 関電プラント向け. ■添付ファイル 見積依頼 関電プラント向け_pdf.r00 -> .exe tria.ge/250318-ggzxvav… 情報窃取マルウェア #SnakeKeyLogger (#vipkeylogger)
2
22
53
4
6พัน
bomccss's profile picture. bomb💣 / マルウェアへ感染する日本語の #不審メール ばらまきメールの発信 , Japanese #malspam notificator / focus #ursnif #cutwail #emotet / 組織から独立した個人の活動 , work with community by @Sec_S_Owl
bom
 @bomccss
4 ต.ค. 2024

10/2に日本語のマルウェア付きメールが確認されていました。 ■日時 2024/10/02 ■件名 見積依頼 ■添付ファイル 見積依頼.zip -> .exe tria.ge/241004-k6awssz… 情報窃取マルウェア #SnakeKeyLogger

bomccss's tweet image. 10/2に日本語のマルウェア付きメールが確認されていました。 ■日時 2024/10/02 ■件名 見積依頼 ■添付ファイル 見積依頼.zip -> .exe tria.ge/241004-k6awssz… 情報窃取マルウェア #SnakeKeyLogger
0
10
27
6
5พัน
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
1 มิ.ย.

832776c38c845e55ceae72ca6ffb6587 servereric38@gpsamsterdamqroup[.]com ericsnakelogger@dklak[.]cam #SnakeKeylogger #VIPKeylogger

skocherhan's tweet image. 832776c38c845e55ceae72ca6ffb6587 servereric38@gpsamsterdamqroup[.]com ericsnakelogger@dklak[.]cam #SnakeKeylogger #VIPKeylogger
0
0
1
0
185

Something went wrong.


Something went wrong.


United States Trends