snakebot | 85154403167f9e85756b38d9b46d9846a04ae2c8a2d96524c644ba83a8087e65 | Triage

Sharing

General

Target

85154403167f9e85756b38d9b46d9846a04ae2c8a2d96524c644ba83a8087e65
Size

364KB
MD5

989bc5a1073ce188bcbed7894a4e8867
SHA1

f87698aeedf0a49df1fce723a0ec789ad4b328ec
SHA256

85154403167f9e85756b38d9b46d9846a04ae2c8a2d96524c644ba83a8087e65
SHA512

478018cf08e60523b4e57b85953b3f500a696da3d7ee0f34e76c269a21acd2b43a365b0891664623ac84c4e12a843c950aa8ef0474bfe9bc70055977c7daf328
SSDEEP

6144:18KJjdKZh8wBtwRJXAbUTG86fkh6my0AgFfNALLlov5pCVJEveoLrqOVDmXX6j+e:OKJjM7jBtgXRi66my0AgFfi/e5AVCj6a

Score

10^/10

snakebot snakebot

Malware Config

Signatures

Snakebot family
snakebot

Contains SnakeBOT related strings 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/PurchaseOrder#PO7211A20_RFQs_Samples_Pacific_Keystone_co.exe	snakebot_strings

Files

85154403167f9e85756b38d9b46d9846a04ae2c8a2d96524c644ba83a8087e65
.rar
PurchaseOrder#PO7211A20_RFQs_Samples_Pacific_Keystone_co.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

KDh}Gc`
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ