snakebot | 27a94b5c46b4f4b31e422b1b93d44c2276fb3701f9cb0f03f80b85ac052d17cc

Sharing

Copy URL

Twitter E-mail

General

Target

VAST.zip
Size

43.3MB
Sample

231126-yg4z8sca8s
MD5

27a4d4a223125dc61d11860c57e8ac3b
SHA1

f5b4ae5361493c01fcc3e6089b0d75c3e36bd824
SHA256

27a94b5c46b4f4b31e422b1b93d44c2276fb3701f9cb0f03f80b85ac052d17cc
SHA512

3b7cc97249d8e0484bd9e76260e1823fd87914d20d0e5784499a6224d203386cbcae67c26b4742ddb3427b5a3e7da28f2b8e60b335c45817a91d95cef1df7773
SSDEEP

786432:VNsBpebGIhyl1WH/ohG6ts+ppnts/8HPLxeCmhPJ7b79xCO5NeR/LBsK17e0VK:vsXebGKrH/f6ts+ppnuCPLxjmlFfbeRM

Score

10^/10

Malware Config

Targets

- Target
  
  VAST.zip
- Size
  
  43.3MB
- MD5
  
  27a4d4a223125dc61d11860c57e8ac3b
- SHA1
  
  f5b4ae5361493c01fcc3e6089b0d75c3e36bd824
- SHA256
  
  27a94b5c46b4f4b31e422b1b93d44c2276fb3701f9cb0f03f80b85ac052d17cc
- SHA512
  
  3b7cc97249d8e0484bd9e76260e1823fd87914d20d0e5784499a6224d203386cbcae67c26b4742ddb3427b5a3e7da28f2b8e60b335c45817a91d95cef1df7773
- SSDEEP
  
  786432:VNsBpebGIhyl1WH/ohG6ts+ppnts/8HPLxeCmhPJ7b79xCO5NeR/LBsK17e0VK:vsXebGKrH/f6ts+ppnuCPLxjmlFfbeRM
Score

1^/10
behavioral1 behavioral2
- Target
  
  !VAST/VastGen.exe
- Size
  
  39.3MB
- MD5
  
  9c5ff43c0f29ccd9e0a5682565e6e45d
- SHA1
  
  800574f0a4dfadcba94340c3d64a3e00fdd3ddce
- SHA256
  
  edb0f506950965f4af08ce445f137360129f061624a96424ecc19e70c20c3fb8
- SHA512
  
  f05a09e26dbe21a16cd33fde937b24dfccc820273886bfee5dcdec033588d6d576fa1eedceb673aa2aad0177281bff737a90ede22d814cd8132835b964ba3b55
- SSDEEP
  
  786432:DQtsgYVHiRyc0KaU2j6+s7LWB75zuk2F5F0nC9/JqrYEap9WMNmBHqeU:DQtCVHLc0KaU2qHWB75ikKzZ9p3p9WMV
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  main.pyc
- Size
  
  29KB
- MD5
  
  678169bd01b910630167a66a1bb70667
- SHA1
  
  138998ba4f3d5ddffabbee4db8d9059e53e820ad
- SHA256
  
  158d2975b2ad1775818107c054a971aa4e9d0275539d02042b3b1ee5e5d808a7
- SHA512
  
  88b40c640cc4a6c17c6653dadd7914b3d519f7c3ceee91c013acc8b89ef71a3e5e3c65ec3b604d65409dfa7477ffeb8a300cb2fdc6185f415b7e78f618d90c29
- SSDEEP
  
  768:K3qgS8iXB8eHegdkplKKljOd0CY52RwhHzW:K3qX8itddkpMKAdhYjhTW
Score

3^/10
behavioral5 behavioral6
- Target
  
  !VAST/config.toml
- Size
  
  2KB
- MD5
  
  0d52eedcf9fa6c6aefb463c7580dd55b
- SHA1
  
  f8b88ced908ab719ae13d5f44ed35a50f8e72e39
- SHA256
  
  b897245ed175010fff857aebc048d73217a1a62022fc5cf3498735b04c4b3b19
- SHA512
  
  c3df6ac1a292b1d66a8b87aef237214c307b4aeadb60548f57a7fa4e254bd4078a0a60e3985484ba2a7f879345be85af3b9bcc9717a4d883db5485ca0e72b0c7
Score

3^/10
behavioral7 behavioral8
- Target
  
  !VAST/data/bios.txt
- Size
  
  46KB
- MD5
  
  cb5f043b18850391fe2f1e4a56a38ebe
- SHA1
  
  c736a16f4fb749acdf7296b742e5c88daaf55f5c
- SHA256
  
  46d7d7b45ddcb96dbcc9173be9d2203b7afdd46798c2c2a6edd0d0842817fb74
- SHA512
  
  8e5f55670adf96cfd268c8e8efc8295e10c2a8cca3c381f7cbc80b0730be3078963c161500c1fc18073af738d7950879245e0d68895acb01bcf16e1977398b71
- SSDEEP
  
  768:BbMjZ4WxaisvnDo9L3e8SvaCsCLBX3qH7PAc59jn2PQ5d:BYjZ4WxaiKnDo9Lu8S53Z387PA8n2PSd
Score

1^/10
behavioral10 behavioral9
- Target
  
  !VAST/data/proxies.txt
- Size
  
  17B
- MD5
  
  055092743c5e4ee6a53c5b008263d391
- SHA1
  
  497d642d99ff5e7d8da01311130bf9449d9acfc5
- SHA256
  
  4a5be3a4322edec69cff3c62144b4e1a057b478669ce966e462b4bfbcc17b476
- SHA512
  
  9cc33d25ce4ca548a3ce0002ce92b650f08868126db36ebdeb08f65fa79ad5961f9ca661c40b783f6f5542bbc538ff3911928610c61be28e0c5dd5e0d4561132
Score

1^/10
behavioral11 behavioral12
- Target
  
  !VAST/data/usernames.txt
- Size
  
  8.2MB
- MD5
  
  080e4f2554e1f7eb9f7fa4f4fbf59a3a
- SHA1
  
  7e46fb6d5cb053e4808a285c056d2246c076a1e6
- SHA256
  
  7d54721afa018d835ae7ec2ce96cb2f1240d14325683d14d2f3b31dd88ee17db
- SHA512
  
  e5d8c43a7df8e25890050e894a69a953cb7ea6ec56e817967679738eff3f7da99a10fa3730653a434c828164ed5b0cb2c0b5cd42fd9656eeb4c3aaf23e354294
- SSDEEP
  
  49152:a/GZ2z3hup05wWj1FtRUIH3/6tlESTbyA2T4Lj3LnPbEMWvu/l8k/YB0fw+oME0y:wdK1SZWKs1Q
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14