The RAR attachment contains an EXE file: the malware itself. Its objective is to steal information from the victim.
Malware Hunter JAMESWT Technical Analysis
SnakeKeylogger campaign via “RE:conferma d’ordine XX”. The UUE attachment contains an EXE: a loader that downloads the malware and runs it, infecting the machine. Data is stolen via SMTP and the Telegram API.
“RE:conferma d’ordine XX” is the subject of an email that hides SnakeKeylogger inside.
The UUE attachment contains an EXE file, which acts as a loader. It downloads the malware from a URL, then decodes and executes it, infecting the machine. The stolen data is exfiltrated via SMTP and the Telegram API.
SnakeKeylogger is an info stealer capable of acquiring information through various methods.
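A mail-triage check for the delivery pattern described above, as an added example that is not part of the original analysis: it matches the reported subject line and inspects `.uue`/`.rar` attachments by their leading bytes rather than by file name. The function names, verdict labels and sample messages are assumptions constructed for illustration; no real campaign sample is used.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject reported for this campaign; "XX" varies, and the apostrophe may be ' or ’.
SUBJECT_RE = re.compile(r"^\s*RE:\s*conferma d.ordine\b", re.IGNORECASE)
ARCHIVE_EXTS = (".uue", ".rar")  # attachment types named on this page

def sniff(data: bytes) -> str:
    """Classify content by leading bytes instead of trusting the file name."""
    if data.startswith(b"Rar!\x1a\x07"):
        return "rar"
    if data.startswith(b"MZ"):
        return "pe"
    if re.match(rb"begin [0-7]{3,4} \S", data):
        return "uuencode"
    return "unknown"

def triage(raw: bytes) -> dict:
    """Return a verdict for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject_hit = bool(SUBJECT_RE.search(str(msg["Subject"] or "")))
    archives = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(ARCHIVE_EXTS):
            archives.append((name, sniff(part.get_payload(decode=True) or b"")))
    if subject_hit and archives:
        verdict = "campaign-match"   # subject and attachment type both fit
    elif archives:
        verdict = "review"           # archive attachment alone is worth a look
    else:
        verdict = "pass"
    return {"verdict": verdict, "archives": archives}

def build_sample(subject: str, filename: str, content: bytes) -> bytes:
    """Constructed test message; not taken from the real campaign."""
    m = EmailMessage()
    m["Subject"] = subject
    m.set_content("In allegato.")
    m.add_attachment(content, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    fake_rar = b"Rar!\x1a\x07\x00" + b"\x00" * 16  # constructed bytes, header only
    print(triage(build_sample("RE:conferma d’ordine 12", "ordine.uue", fake_rar)))
```

A subject match on its own is easy for the sender to change, so the check treats it as a confidence signal and still sends any `.uue`/`.rar` attachment to review.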