General
Target: Kamber.exe
Size: 7.6MB
Sample: 230107-c2gvjsce82
MD5: 79b9de646532617e787f340bb1cbdc10
SHA1: 5708a7e99172b31072b1dbda0f8be6dbe1a648e4
SHA256: 93bd2724f3cc25cc7c264990adc0e4152a871c647a7d963d00b81456b9e66020
SHA512: fc24baecec2584915fbfade20801abdf725433bf5c436a0264b330e653bb9335678793d316390f58a852d216a3106ec59bf5011f39fe09a2066ca77eb08fb504
SSDEEP: 196608:N1EbGXpIJOICteEroXxCzlxZV3Gu5D4S26/XCfCS3e/J+91fR:nEPOInEroX414S2uyfCJ+Pp
Malware Config
Targets
-
Contains SnakeBOT related strings
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-