snakebot | d4803c82bdc773474dda976fa30bc7fbbad2a6192af850c71602419dd500368b | Triage

Sharing

General

Target

d4803c82bdc773474dda976fa30bc7fbbad2a6192af850c71602419dd500368b
Size

475KB
MD5

68a0f1c0fbbdc5014c8814f20b0d0784
SHA1

54bf373d1460da8e3ae153a0694dae77fde9f1cb
SHA256

d4803c82bdc773474dda976fa30bc7fbbad2a6192af850c71602419dd500368b
SHA512

6daf2572ed2e47d62f1a9540d48b242b16adbf281c2c8fa5bc765962c3f576107a91c8a80c4feaecf5abb461dbd1e65f7a0efbfe44bf441c0a785fe9c22576b9
SSDEEP

12288:1sBoDCC0ior450PUJ5k6fLQTzc75a0PpD5YXhPx0Uu:c7Cu60PU9fhnrQhP6

Score

10^/10

snakebot snakebot

Malware Config

Signatures

Snakebot family
snakebot

Contains SnakeBOT related strings 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/new purchase order.rar.exe	snakebot_strings

Files

d4803c82bdc773474dda976fa30bc7fbbad2a6192af850c71602419dd500368b
.zip
new purchase order.rar.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

" Px\H
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 445KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ