Overview

overview

10

Static

static

1

download_repair.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    download_repair.php

  • Size

    44KB

  • Sample

    230731-qgnz1sfg87

  • MD5

    f30108f794bea0be3c1ae89f4dc80d3e

  • SHA1

    930b94c169e38e726305a04f3af172fff5abe5e6

  • SHA256

    cb90cf09617502c17ea3862635fcc7e4efb5f3da38e6a0f599b6a7d206eefadb

  • SHA512

    173954201cb5f17c3284f3285559fa5ab08a7b69bf7faf22e2973411463dfffb348dec49edab7f2129798b2a2b824dd6e10ae6b19420707490bf98e3292ace07

  • SSDEEP

    768:k5RHm8YS+jyrSuzqBSrQwKvo+4noCKFA/ozVE+eV+KGnbK6KwIRPtI9OhqAH:k5RHm8YljyrSoqBrvo+4noNFA+VA0bjm

Score
10/10
snakebotminersnakebot

Malware Config

Targets

    • Target

      download_repair.php

    • Size

      44KB

    • MD5

      f30108f794bea0be3c1ae89f4dc80d3e

    • SHA1

      930b94c169e38e726305a04f3af172fff5abe5e6

    • SHA256

      cb90cf09617502c17ea3862635fcc7e4efb5f3da38e6a0f599b6a7d206eefadb

    • SHA512

      173954201cb5f17c3284f3285559fa5ab08a7b69bf7faf22e2973411463dfffb348dec49edab7f2129798b2a2b824dd6e10ae6b19420707490bf98e3292ace07

    • SSDEEP

      768:k5RHm8YS+jyrSuzqBSrQwKvo+4noCKFA/ozVE+eV+KGnbK6KwIRPtI9OhqAH:k5RHm8YljyrSoqBrvo+4noNFA+VA0bjm

    Score
    10/10
    snakebotminersnakebot

    • SnakeBOT

      SnakeBOT is a heavily obfuscated .NET downloader.

      snakebot

    • Contains SnakeBOT related strings

      snakebot

    • Detectes Phoenix Miner Payload

      miner

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks