A zip attachment contains a img with an exe: the malware. The other, a pdf downloading a zip with an exe: the same malware. The data is exfiltrated via SMTP.
Cybercrime, maritime payment themed SnakeKeylogger campaign
Maritime payment themed SnakeKeylogger campaign. The r00 attachment of the “SOA REMITTANCE Final DA / MV NPR -IMO: 9268083” email contains an exe: the malware. Stolen data is exfiltrated via Telegram API
SnakeKeylogger uses a Turkish maritime company as bait in a new paid-themed malspam campaign.
The r00 attachment of the “SOA REMITTANCE Final DA / MV NPR -IMO: 9268083” email contains an exe: the malware. Stolen data is exfiltrated via Telegram API.
Indeed, SnakeKeylogger is an info-stealer capable of acquiring information through various methods.
Related Posts
