snatch | 0ce4c4af321ff02928aacf105f03dead87e85003080586615755f278770f5adb | Triage

Sharing

General

Target

0ce4c4af321ff02928aacf105f03dead87e85003080586615755f278770f5adb
Size

4.0MB
Sample

230418-lfvc7acd4z
MD5

29738dd9b52dcd61cd791b6d805929c1
SHA1

b226a60f03c7036f6bcbce400ad40ebe7f527925
SHA256

0ce4c4af321ff02928aacf105f03dead87e85003080586615755f278770f5adb
SHA512

fcf8b789a36f90414034a131c6ba872a547d03025fd29aaf48779ea154aee02def7234f4c17dcec5b0f9bcd26cdce34b257979872c0b44d1c4bcafa9a42ac65b
SSDEEP

49152:1gZNP3LGVfMmq1d1MRGM8Fvg9fR5xMXF9WzHrAbluBUMNk+cqG2UtBpStPvC/9fu:1gXDMfql+929+B+tBpEPvCF

Score

10^/10

snatch evasion ransomware

Malware Config

Targets

- Target
  
  0ce4c4af321ff02928aacf105f03dead87e85003080586615755f278770f5adb
- Size
  
  4.0MB
- MD5
  
  29738dd9b52dcd61cd791b6d805929c1
- SHA1
  
  b226a60f03c7036f6bcbce400ad40ebe7f527925
- SHA256
  
  0ce4c4af321ff02928aacf105f03dead87e85003080586615755f278770f5adb
- SHA512
  
  fcf8b789a36f90414034a131c6ba872a547d03025fd29aaf48779ea154aee02def7234f4c17dcec5b0f9bcd26cdce34b257979872c0b44d1c4bcafa9a42ac65b
- SSDEEP
  
  49152:1gZNP3LGVfMmq1d1MRGM8Fvg9fR5xMXF9WzHrAbluBUMNk+cqG2UtBpStPvC/9fu:1gXDMfql+929+B+tBpEPvCF
Score

9^/10

evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware