0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | - 0x19294:$a2: \Comodo\Dragon\User Data\Default\Login Data
- 0x1847d:$a3: \Google\Chrome\User Data\Default\Login Data
- 0x188c4:$a4: \Orbitum\User Data\Default\Login Data
- 0x19a45:$a5: \Kometa\User Data\Default\Login Data
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x12925:$s1: UnHook
- 0x1292c:$s2: SetHook
- 0x12934:$s3: CallNextHook
- 0x12941:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x16994:$x1: $%SMTPDV$
- 0x15656:$x2: $#TheHashHere%&
- 0x1693c:$x3: %FTPDV$
- 0x15638:$x4: $%TelegramDv$
- 0x12fa9:$x5: KeyLoggerEventArgs
- 0x1333f:$x5: KeyLoggerEventArgs
- 0x169c0:$m1: | Snake Keylogger
- 0x16a66:$m1: | Snake Keylogger
- 0x16bba:$m1: | Snake Keylogger
- 0x16ce0:$m1: | Snake Keylogger
- 0x16e3a:$m1: | Snake Keylogger
- 0x16960:$m2: Clipboard Logs ID
- 0x16b70:$m2: Screenshot Logs ID
- 0x16c84:$m2: keystroke Logs ID
- 0x16e70:$m3: SnakePW
- 0x16b48:$m4: \SnakeKeylogger\
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x11dab:$a1: get_encryptedPassword
- 0x12097:$a2: get_encryptedUsername
- 0x11bb7:$a3: get_timePasswordChanged
- 0x11cb2:$a4: get_passwordField
- 0x11dc1:$a5: set_encryptedPassword
- 0x133dc:$a7: get_logins
- 0x1333f:$a10: KeyLoggerEventArgs
- 0x12fa9:$a11: KeyLoggerEventArgsEventHandler
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | - 0x19294:$a2: \Comodo\Dragon\User Data\Default\Login Data
- 0x1847d:$a3: \Google\Chrome\User Data\Default\Login Data
- 0x188c4:$a4: \Orbitum\User Data\Default\Login Data
- 0x19a45:$a5: \Kometa\User Data\Default\Login Data
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x12925:$s1: UnHook
- 0x1292c:$s2: SetHook
- 0x12934:$s3: CallNextHook
- 0x12941:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x16994:$x1: $%SMTPDV$
- 0x15656:$x2: $#TheHashHere%&
- 0x1693c:$x3: %FTPDV$
- 0x15638:$x4: $%TelegramDv$
- 0x12fa9:$x5: KeyLoggerEventArgs
- 0x1333f:$x5: KeyLoggerEventArgs
- 0x169c0:$m1: | Snake Keylogger
- 0x16a66:$m1: | Snake Keylogger
- 0x16bba:$m1: | Snake Keylogger
- 0x16ce0:$m1: | Snake Keylogger
- 0x16e3a:$m1: | Snake Keylogger
- 0x16960:$m2: Clipboard Logs ID
- 0x16b70:$m2: Screenshot Logs ID
- 0x16c84:$m2: keystroke Logs ID
- 0x16e70:$m3: SnakePW
- 0x16b48:$m4: \SnakeKeylogger\
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x11dab:$a1: get_encryptedPassword
- 0x12097:$a2: get_encryptedUsername
- 0x11bb7:$a3: get_timePasswordChanged
- 0x11cb2:$a4: get_passwordField
- 0x11dc1:$a5: set_encryptedPassword
- 0x133dc:$a7: get_logins
- 0x1333f:$a10: KeyLoggerEventArgs
- 0x12fa9:$a11: KeyLoggerEventArgsEventHandler
|
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | - 0x1b094:$a2: \Comodo\Dragon\User Data\Default\Login Data
- 0x1a27d:$a3: \Google\Chrome\User Data\Default\Login Data
- 0x1a6c4:$a4: \Orbitum\User Data\Default\Login Data
- 0x1b845:$a5: \Kometa\User Data\Default\Login Data
|
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x14725:$s1: UnHook
- 0x1472c:$s2: SetHook
- 0x14734:$s3: CallNextHook
- 0x14741:$s4: _hook
|
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x18794:$x1: $%SMTPDV$
- 0x17456:$x2: $#TheHashHere%&
- 0x1873c:$x3: %FTPDV$
- 0x17438:$x4: $%TelegramDv$
- 0x14da9:$x5: KeyLoggerEventArgs
- 0x1513f:$x5: KeyLoggerEventArgs
- 0x187c0:$m1: | Snake Keylogger
- 0x18866:$m1: | Snake Keylogger
- 0x189ba:$m1: | Snake Keylogger
- 0x18ae0:$m1: | Snake Keylogger
- 0x18c3a:$m1: | Snake Keylogger
- 0x18760:$m2: Clipboard Logs ID
- 0x18970:$m2: Screenshot Logs ID
- 0x18a84:$m2: keystroke Logs ID
- 0x18c70:$m3: SnakePW
- 0x18948:$m4: \SnakeKeylogger\
|
4.0.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.400000.0.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x13bab:$a1: get_encryptedPassword
- 0x13e97:$a2: get_encryptedUsername
- 0x139b7:$a3: get_timePasswordChanged
- 0x13ab2:$a4: get_passwordField
- 0x13bc1:$a5: set_encryptedPassword
- 0x151dc:$a7: get_logins
- 0x1513f:$a10: KeyLoggerEventArgs
- 0x14da9:$a11: KeyLoggerEventArgsEventHandler
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | - 0x1b094:$a2: \Comodo\Dragon\User Data\Default\Login Data
- 0x1a27d:$a3: \Google\Chrome\User Data\Default\Login Data
- 0x1a6c4:$a4: \Orbitum\User Data\Default\Login Data
- 0x1b845:$a5: \Kometa\User Data\Default\Login Data
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x14725:$s1: UnHook
- 0x1472c:$s2: SetHook
- 0x14734:$s3: CallNextHook
- 0x14741:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x18794:$x1: $%SMTPDV$
- 0x17456:$x2: $#TheHashHere%&
- 0x1873c:$x3: %FTPDV$
- 0x17438:$x4: $%TelegramDv$
- 0x14da9:$x5: KeyLoggerEventArgs
- 0x1513f:$x5: KeyLoggerEventArgs
- 0x187c0:$m1: | Snake Keylogger
- 0x18866:$m1: | Snake Keylogger
- 0x189ba:$m1: | Snake Keylogger
- 0x18ae0:$m1: | Snake Keylogger
- 0x18c3a:$m1: | Snake Keylogger
- 0x18760:$m2: Clipboard Logs ID
- 0x18970:$m2: Screenshot Logs ID
- 0x18a84:$m2: keystroke Logs ID
- 0x18c70:$m3: SnakePW
- 0x18948:$m4: \SnakeKeylogger\
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3837e08.8.raw.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x13bab:$a1: get_encryptedPassword
- 0x13e97:$a2: get_encryptedUsername
- 0x139b7:$a3: get_timePasswordChanged
- 0x13ab2:$a4: get_passwordField
- 0x13bc1:$a5: set_encryptedPassword
- 0x151dc:$a7: get_logins
- 0x1513f:$a10: KeyLoggerEventArgs
- 0x14da9:$a11: KeyLoggerEventArgsEventHandler
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | - 0x3e0b4:$a2: \Comodo\Dragon\User Data\Default\Login Data
- 0x3d29d:$a3: \Google\Chrome\User Data\Default\Login Data
- 0x3d6e4:$a4: \Orbitum\User Data\Default\Login Data
- 0x3e865:$a5: \Kometa\User Data\Default\Login Data
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x37745:$s1: UnHook
- 0x3774c:$s2: SetHook
- 0x37754:$s3: CallNextHook
- 0x37761:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x3b7b4:$x1: $%SMTPDV$
- 0x3a476:$x2: $#TheHashHere%&
- 0x3b75c:$x3: %FTPDV$
- 0x3a458:$x4: $%TelegramDv$
- 0x37dc9:$x5: KeyLoggerEventArgs
- 0x3815f:$x5: KeyLoggerEventArgs
- 0x3b7e0:$m1: | Snake Keylogger
- 0x3b886:$m1: | Snake Keylogger
- 0x3b9da:$m1: | Snake Keylogger
- 0x3bb00:$m1: | Snake Keylogger
- 0x3bc5a:$m1: | Snake Keylogger
- 0x3b780:$m2: Clipboard Logs ID
- 0x3b990:$m2: Screenshot Logs ID
- 0x3baa4:$m2: keystroke Logs ID
- 0x3bc90:$m3: SnakePW
- 0x3b968:$m4: \SnakeKeylogger\
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3814de8.9.raw.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x36bcb:$a1: get_encryptedPassword
- 0x36eb7:$a2: get_encryptedUsername
- 0x369d7:$a3: get_timePasswordChanged
- 0x36ad2:$a4: get_passwordField
- 0x36be1:$a5: set_encryptedPassword
- 0x381fc:$a7: get_logins
- 0x3815f:$a10: KeyLoggerEventArgs
- 0x37dc9:$a11: KeyLoggerEventArgsEventHandler
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | - 0x7b6d4:$a2: \Comodo\Dragon\User Data\Default\Login Data
- 0x7a8bd:$a3: \Google\Chrome\User Data\Default\Login Data
- 0x7ad04:$a4: \Orbitum\User Data\Default\Login Data
- 0x7be85:$a5: \Kometa\User Data\Default\Login Data
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x74d65:$s1: UnHook
- 0x74d6c:$s2: SetHook
- 0x74d74:$s3: CallNextHook
- 0x74d81:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x78dd4:$x1: $%SMTPDV$
- 0x77a96:$x2: $#TheHashHere%&
- 0x78d7c:$x3: %FTPDV$
- 0x77a78:$x4: $%TelegramDv$
- 0x753e9:$x5: KeyLoggerEventArgs
- 0x7577f:$x5: KeyLoggerEventArgs
- 0x78e00:$m1: | Snake Keylogger
- 0x78ea6:$m1: | Snake Keylogger
- 0x78ffa:$m1: | Snake Keylogger
- 0x79120:$m1: | Snake Keylogger
- 0x7927a:$m1: | Snake Keylogger
- 0x78da0:$m2: Clipboard Logs ID
- 0x78fb0:$m2: Screenshot Logs ID
- 0x790c4:$m2: keystroke Logs ID
- 0x792b0:$m3: SnakePW
- 0x78f88:$m4: \SnakeKeylogger\
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.374cfe8.7.raw.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x741eb:$a1: get_encryptedPassword
- 0x744d7:$a2: get_encryptedUsername
- 0x73ff7:$a3: get_timePasswordChanged
- 0x740f2:$a4: get_passwordField
- 0x74201:$a5: set_encryptedPassword
- 0x7581c:$a7: get_logins
- 0x7577f:$a10: KeyLoggerEventArgs
- 0x753e9:$a11: KeyLoggerEventArgsEventHandler
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0xd4d85:$s1: UnHook
- 0xd4d8c:$s2: SetHook
- 0xd4d94:$s3: CallNextHook
- 0xd4da1:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0xd8df4:$x1: $%SMTPDV$
- 0xd7ab6:$x2: $#TheHashHere%&
- 0xd8d9c:$x3: %FTPDV$
- 0xd7a98:$x4: $%TelegramDv$
- 0xd5409:$x5: KeyLoggerEventArgs
- 0xd579f:$x5: KeyLoggerEventArgs
- 0xd8e20:$m1: | Snake Keylogger
- 0xd8ec6:$m1: | Snake Keylogger
- 0xd901a:$m1: | Snake Keylogger
- 0xd9140:$m1: | Snake Keylogger
- 0xd929a:$m1: | Snake Keylogger
- 0xd8dc0:$m2: Clipboard Logs ID
- 0xd8fd0:$m2: Screenshot Logs ID
- 0xd90e4:$m2: keystroke Logs ID
- 0xd92d0:$m3: SnakePW
- 0xd8fa8:$m4: \SnakeKeylogger\
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.36ecfc8.6.raw.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0xd420b:$a1: get_encryptedPassword
- 0xd44f7:$a2: get_encryptedUsername
- 0xd4017:$a3: get_timePasswordChanged
- 0xd4112:$a4: get_passwordField
- 0xd4221:$a5: set_encryptedPassword
- 0xd583c:$a7: get_logins
- 0xd579f:$a10: KeyLoggerEventArgs
- 0xd5409:$a11: KeyLoggerEventArgsEventHandler
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | |
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | - 0x14725:$s1: UnHook
- 0x27841d:$s1: UnHook
- 0x1472c:$s2: SetHook
- 0x278424:$s2: SetHook
- 0x14734:$s3: CallNextHook
- 0x27842c:$s3: CallNextHook
- 0x14741:$s4: _hook
- 0x278439:$s4: _hook
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | - 0x18794:$x1: $%SMTPDV$
- 0x27c48c:$x1: $%SMTPDV$
- 0x17456:$x2: $#TheHashHere%&
- 0x27b14e:$x2: $#TheHashHere%&
- 0x1873c:$x3: %FTPDV$
- 0x27c434:$x3: %FTPDV$
- 0x17438:$x4: $%TelegramDv$
- 0x27b130:$x4: $%TelegramDv$
- 0x14da9:$x5: KeyLoggerEventArgs
- 0x1513f:$x5: KeyLoggerEventArgs
- 0x278aa1:$x5: KeyLoggerEventArgs
- 0x278e37:$x5: KeyLoggerEventArgs
- 0x187c0:$m1: | Snake Keylogger
- 0x18866:$m1: | Snake Keylogger
- 0x189ba:$m1: | Snake Keylogger
- 0x18ae0:$m1: | Snake Keylogger
- 0x18c3a:$m1: | Snake Keylogger
- 0x27c4b8:$m1: | Snake Keylogger
- 0x27c55e:$m1: | Snake Keylogger
- 0x27c6b2:$m1: | Snake Keylogger
- 0x27c7d8:$m1: | Snake Keylogger
|
0.2.TUFAN YAZ#U011eAN - Kredi Kart#U0131 Hesap #U00d6zeti - 45431108.exe.3549930.5.raw.unpack | Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | - 0x13bab:$a1: get_encryptedPassword
- 0x2778a3:$a1: get_encryptedPassword
- 0x13e97:$a2: get_encryptedUsername
- 0x277b8f:$a2: get_encryptedUsername
- 0x139b7:$a3: get_timePasswordChanged
- 0x2776af:$a3: get_timePasswordChanged
- 0x13ab2:$a4: get_passwordField
- 0x2777aa:$a4: get_passwordField
- 0x13bc1:$a5: set_encryptedPassword
- 0x2778b9:$a5: set_encryptedPassword
- 0x151dc:$a7: get_logins
- 0x278ed4:$a7: get_logins
- 0x1513f:$a10: KeyLoggerEventArgs
- 0x278e37:$a10: KeyLoggerEventArgs
- 0x14da9:$a11: KeyLoggerEventArgsEventHandler
- 0x278aa1:$a11: KeyLoggerEventArgsEventHandler
|