General
-
Target
81b79660be9fc60338eb69eaab2e0b9cfdc750fc5a7e05dabb50a3d45a993b7a
-
Size
5.0MB
-
Sample
221130-w8kpkagh8v
-
MD5
6b114c9e97ef3ff022b51a6e0f6b32af
-
SHA1
92979adf9ca1180cf7c39cb7a02641f7b4e1eff0
-
SHA256
81b79660be9fc60338eb69eaab2e0b9cfdc750fc5a7e05dabb50a3d45a993b7a
-
SHA512
065cb4bd68bafae39c1c420eaed314def3a7ecff9dddcc5c5ebb0c34c8ad8fb2a3c6ee50c18e6b025da4666210a77384ca6f175dff26061dfbc2a71a981a4466
-
SSDEEP
98304:7ExhIKfP5bW1gDaogfd9xkGmBjEQX1DXi5VJUsUyuW/Du3TZyZ1GPY:4xhI0P5bW1g+nfHxkGmBjEQX1DXiJUsx
Malware Config
Targets
-
-
Target
81b79660be9fc60338eb69eaab2e0b9cfdc750fc5a7e05dabb50a3d45a993b7a
-
Size
5.0MB
-
MD5
6b114c9e97ef3ff022b51a6e0f6b32af
-
SHA1
92979adf9ca1180cf7c39cb7a02641f7b4e1eff0
-
SHA256
81b79660be9fc60338eb69eaab2e0b9cfdc750fc5a7e05dabb50a3d45a993b7a
-
SHA512
065cb4bd68bafae39c1c420eaed314def3a7ecff9dddcc5c5ebb0c34c8ad8fb2a3c6ee50c18e6b025da4666210a77384ca6f175dff26061dfbc2a71a981a4466
-
SSDEEP
98304:7ExhIKfP5bW1gDaogfd9xkGmBjEQX1DXi5VJUsUyuW/Du3TZyZ1GPY:4xhI0P5bW1g+nfHxkGmBjEQX1DXiJUsx
Score10/10-
Detecting the common Go functions and variables names used by Snatch ransomware
-
Snatch Ransomware
Ransomware family generally distributed through RDP bruteforce attacks.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-