snakebot | 4a8c2cfd716cc31ceb56fbe9e8f9888a3ddc834a90e6dedcb140dacb79b625ab | Triage

Sharing

General

Target

4a8c2cfd716cc31ceb56fbe9e8f9888a3ddc834a90e6dedcb140dacb79b625ab
Size

317KB
MD5

a796500fb70218260a23af6b86890776
SHA1

1bc9a256beae11acada5b9514cd29c9fdf5b1820
SHA256

4a8c2cfd716cc31ceb56fbe9e8f9888a3ddc834a90e6dedcb140dacb79b625ab
SHA512

0c221b5d5170e4822197d3a6ca7c9aba0fe10568b9ece7a8367c9872a6d3ab97186ee2224fe9229af1fd156631cb7910dcabbc26e7ce66a810d5b450f166911d
SSDEEP

6144:FwkBWDrOrnZhcAh43ygSAMfUOBpjJ3kdBt86nUBbKM4dHEdsYW:S5GZhnh4igSAEUKtJSBt8dbKxdkQ

Score

10^/10

snakebot snakebot

Malware Config

Signatures

Snakebot family
snakebot

Contains SnakeBOT related strings 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/tas0v3FvZSBpyH2.exe	snakebot_strings

Files

4a8c2cfd716cc31ceb56fbe9e8f9888a3ddc834a90e6dedcb140dacb79b625ab
.zip
tas0v3FvZSBpyH2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

EKwe>jX!
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ