General

  • Target

    snatch.bin.gz

  • Size

    2.5MB

  • MD5

    6220287f87ff3faca8c13a1e3538992e

  • SHA1

    43347dc4b7de70047299a94077d01c8db01573de

  • SHA256

    5d81030fa79538850bef6375df9bdaebffd251271a04b984d356de49ac208bfb

  • SHA512

    b8d1bac09527428b185acba9ed8742d164695315aa9b34935f409ef78213840c4c01aa430b98725ba83f5b4c6ee301c4449e41c248e8a96ca36dcd46dff7eaac

  • SSDEEP

    49152:8+C0sw8Opz8dLYy9H0qIorAj9tXt+krhcnfceKu09BjArM1rqDO4rJunWqo:LCPIpcLY4IorAj9Rt+OhKfcdBjAKWDOY

Score
10/10

Malware Config

Signatures

  • Detecting the common Go functions and variables names used by Snatch ransomware (1 IoC)
  • Snatch family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • snatch.bin.gz
    .gz
  • sample
    .exe windows x64



  • out.upx
    .exe windows x64

