The mysterious malware from Türkiye is SnakeKeylogger/StormKitty. The lnk “Alıntı 2589984” email attachment starts the infection chain by running a Powershell script. Stolen data is exfiltrated via Telegram API

SnakeKeylogger/StormKitty is the mysterious malware carried by the false offer of products from Türkiye. The lnk “Alıntı 2589984” email attachment starts the infection chain by running a Powershell script. Stolen data is exfiltrated via Telegram API.

Indeed, SnakeKeylogger and StormKitty are two info-stealers capable of acquiring information through various methods.