Trojan:MSIL/SnakeKeylogger
AlienVault
· Published 20/12/2025 19:33 · Modified 20/12/2025 19:57
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:33
- Modified
- 20/12/2025 19:57
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 3 attack patterns (mitre), 10 indicators, 1 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (3)
Indicators (10)
-
stix 100/100 Revoked· Valid until 28/08/2023 · Source: AlienVault
-
stix 100/100 Revoked
SLF:SCPT:OffRelOleObjectHttp.A
· Valid until 28/08/2023 · Source: AlienVault -
stix 100/100 Revoked· Valid until 28/08/2023 · Source: AlienVault
-
stix 100/100 Revoked
SLF:SCPT:OffRelOleObjectHttp.A
· Valid until 28/08/2023 · Source: AlienVault -
stix 100/100 Revoked
404 Keylogger
· Valid until 28/08/2023 · Source: AlienVault -
stix 100/100 Revoked· Valid until 28/08/2023 · Source: AlienVault
-
http://192.227.196.211/FRESH/fresh.exeindicatesstix 100/100 RevokedWin32:PWSX-gen\ [Trj]
· Valid until 11/07/2022 · Source: AlienVault -
http://mail.saadzakhary.com:587indicatesstix 100/100 Revoked· Valid until 11/07/2022 · Source: AlienVault -
stix 100/100 Revoked
ISO-8859 text, with very long lines, with CRLF, CR, LF line terminators 165305d6744591b745661e93dc9feaea73ee0a8ce4dbe93fde8f76d0fc2f8c3f
· Valid until 11/07/2022 · Source: AlienVault -
https://vtaurl.com/IHytwindicatesstix 100/100 Revoked· Valid until 11/07/2022 · Source: AlienVault
Vulnerabilities (CVE) (1)
7.8
High
Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.
- Attack vector
- Local
- Complexity
- Low
- Published
- 15/11/2017
- Modified
- 29/05/2026