snakebot | eed0acd0a40e11ceed2cb1fb296b49579252c77b8d4d3956e56f4c805dbc258a | Triage

Submit
Reports

Overview

overview

Static

static

mame0251b_64bit.exe

windows7-x64

1

mame0251b_64bit.exe

windows10-2004-x64

Sharing

General

Target

mame0251b_64bit.exe
Size

84.8MB
Sample

230128-31gfhaad6x
MD5

f8694b115a065647e434c0092721202f
SHA1

5aa75a73bae6b30874854dc84749cf802f0e486b
SHA256

eed0acd0a40e11ceed2cb1fb296b49579252c77b8d4d3956e56f4c805dbc258a
SHA512

c6b70dbdd980da6e8a653d018cc9e78bec8b84467d9d31bf490e5e17c86119fe10b4f91490fda4804c3f0d1eab49cca809c3866ac83527f6fe288edb66205a3c
SSDEEP

1572864:MRS1w/qSngj/dHH4wt/QDYTD3ihRKQwgbbQNYKmXCVdiVvaIi:MRSDSnAuDYTD3i+QtMYKfdKvm

Score

10^/10

snakebot snakebot

Static task

static1

Behavioral task

behavioral1

Sample

mame0251b_64bit.exe

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

mame0251b_64bit.exe

Resource

win10v2004-20221111-en

snakebot snakebot

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  mame0251b_64bit.exe
- Size
  
  84.8MB
- MD5
  
  f8694b115a065647e434c0092721202f
- SHA1
  
  5aa75a73bae6b30874854dc84749cf802f0e486b
- SHA256
  
  eed0acd0a40e11ceed2cb1fb296b49579252c77b8d4d3956e56f4c805dbc258a
- SHA512
  
  c6b70dbdd980da6e8a653d018cc9e78bec8b84467d9d31bf490e5e17c86119fe10b4f91490fda4804c3f0d1eab49cca809c3866ac83527f6fe288edb66205a3c
- SSDEEP
  
  1572864:MRS1w/qSngj/dHH4wt/QDYTD3ihRKQwgbbQNYKmXCVdiVvaIi:MRSDSnAuDYTD3i+QtMYKfdKvm
Score

10^/10

snakebot snakebot
- SnakeBOT
  SnakeBOT is a heavily obfuscated .NET downloader.
  snakebot
- Contains SnakeBOT related strings
  snakebot
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

snakebotsnakebot

© 2018-2024

Terms | Privacy