Symantec cybersecurity experts: The malware deployment is preceded by a reconnaissance with the AdFind tool. The victims are large organizations.
Technical analysis by the Malware Hunter JAMESWT
SnakeKeyLogger is conveyed by an email on “Quotation”. The lzh attachment contains an exe file: the malware itself. If opened, it activates the infection. The data is then exfiltrated via smtp
SnakeKeyLogger is conveyed in a global campaign with an email entitled “Quotation”.
The lzh attachment contains an exe file: the malware itself. This, if opened, it activates the chain of infection. The goal of cybercrime is to steal sensitive data from victims, which are then exfiltrated via smtp.
SnakeKeylogger, in fact, is an info stealer capable of acquiring information through various methods.