BLOG CERT SOGETI ESEC

Briefing Malware - 02/11/2021

2nd of November 2021 - Winners of the 44th week: Redline, Formbook and Lokibot.

Some links point to extended actionable intelligence (Threat Bulletins, TTPs, signatures, etc.) on our Threat Intelligence Platform, Anomali. This access is limited to our clients.

 

Threat statistics report

Publication date: 02/11/2021

Distribution: TLP:WHITE

What's new?

Snake(NC)

THREAT ANALYSIS REPORT: Snake Infostealer Malware

#Cybereason Global Operations Center (GSOC) released a report about the #Snake malware, an information stealer coded in #.NET and active since the end of November 2020. GSOC studied some samples during its increased activity in August 2021 and found some similarities with two other information stealers, #Agent Tesla and #Formbook. Snake is mostly distributed through phishing campaigns and includes #keystroke, #screenshot, #credentials and #clipboard data logging. It can also steal credentials from more than 50 applications, including #FTP, #email clients, #web browsers and communication platforms. The data is exfiltrated using FTP, #SMTP or #Telegram (using #HTTPS).

 

https://www.cybereason.com/blog/threat-analysis-report-snake-infostealer-malware

 
