Double SnakeKeylogger campaign via couriers. The 2 rar attachments of the message contain the same exe file: the malware. The stolen data is exfiltrated via smtp to an email address and via the Telegram API

SnakeKeylogger hides in a fake courier-themed email.

The two (identical) rar attachments of the message contain the same exe file: the malware. The stolen data is exfiltrated via smtp to an email address and via the Telegram API.

Indeed, SnakeKeylogger is an info-stealer capable of acquiring information through various methods.