snakebot | 842865b9125bc84672070b327eba99d3f8f74436c804acb0d1cae5cb838824b9 | Triage

Sharing

General

Target

842865b9125bc84672070b327eba99d3f8f74436c804acb0d1cae5cb838824b9
Size

432KB
MD5

5ae9bd486b6955f5126984b9a5793511
SHA1

b7381de170e67397bc642129ddae505f58017780
SHA256

842865b9125bc84672070b327eba99d3f8f74436c804acb0d1cae5cb838824b9
SHA512

e58a93669c2453edc5d9ea3ae0a1e062a96ca2bf187cc2b8109fc87d88c2f860b79b0b9755914cff5c0db497da927264bed0f59077a90acf7a235ce24fef6427
SSDEEP

12288:kfm84qMF8cMbh5YkQg3dMVEi6ul1ECohK8n1:kU16u7ECohK81

Score

10^/10

snakebot snakebot

Malware Config

Signatures

Snakebot family
snakebot

Contains SnakeBOT related strings 2 IoCs

Processes:

resource	yara_rule
sample	snakebot_strings
static1/unpack001/CONFIRMACION DEL PEDIDO CVE6535,PDF.exe	snakebot_strings

Files

842865b9125bc84672070b327eba99d3f8f74436c804acb0d1cae5cb838824b9
.iso
CONFIRMACION DEL PEDIDO CVE6535,PDF.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

C>F=|z
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ