5d6ba62520f66e70ee281b44342d4271eb98a9b9a5c50e61c28d84c86eb21958

Sharing

Copy URL

Twitter E-mail

General

Target

Snake2Virus.zip
Size

16.6MB
Sample

240423-q57f9sgh48
MD5

c86e8bbae2594e8540521407f09a67c9
SHA1

28a9f7a4cf960b1655d9b80a5df2808b65383c7a
SHA256

5d6ba62520f66e70ee281b44342d4271eb98a9b9a5c50e61c28d84c86eb21958
SHA512

988dceea9f28534c65a4bb5b8eccfc6870eae43a168518c915c4a5aad036b719e569625bfb1309a2150c2b3f2989535f9c858ed1ac7fea2d1866d9446fd2e42e
SSDEEP

393216:1VzC31IMp3y9FsN8aitqcFyICie0GyboItjzFQWZ6J5haav+msJ:1Ami3QFygqc8z9y8yDZ6Pcav+H

Score

6^/10

pyinstaller

Malware Config

Targets

- Target
  
  Snake2Virus/Pythonwin/mfc140u.dll
- Size
  
  5.4MB
- MD5
  
  03a161718f1d5e41897236d48c91ae3c
- SHA1
  
  32b10eb46bafb9f81a402cb7eff4767418956bd4
- SHA256
  
  e06c4bd078f4690aa8874a3deb38e802b2a16ccb602a7edc2e077e98c05b5807
- SHA512
  
  7abcc90e845b43d264ee18c9565c7d0cbb383bfd72b9cebb198ba60c4a46f56da5480da51c90ff82957ad4c84a4799fa3eb0cedffaa6195f1315b3ff3da1be47
- SSDEEP
  
  49152:EuEsNcEc8/CK4b11P5ViH8gw0+NVQD5stWIlE7lva8iposS9j5fzSQzs7ID+AVuS:EnL8+5fiEnQFLOAkGkzdnEVomFHKnPS
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Snake2Virus/Pythonwin/win32ui.pyd
- Size
  
  1.1MB
- MD5
  
  325b7de1c9fa1c30849cfa24841ece9e
- SHA1
  
  59603c4eb7124b652a138deec9fa90acdbb6af20
- SHA256
  
  12713a63044ada7d907c2678a5cc765da01df29104c148759bdd8b1f4353a80f
- SHA512
  
  360082eceb86663f3a0fabfa55a1672945531e3c4e5faeaa9a2931f5a31179c1e15af0b23933a8b9d79ac176b50a2f1a59e4db81d42e336df98c0239aa5ad159
- SSDEEP
  
  12288:Wx0ux/TOd3rXfWHZPBFwt0xVxio416yw5V4pJDipt:k04T63rX2FZq675V4p8p
Score

1^/10
behavioral3 behavioral4
- Target
  
  Snake2Virus/SDL2.dll
- Size
  
  2.4MB
- MD5
  
  e83a90b09e6274a9a375d73fd130850c
- SHA1
  
  90635404abaa143603a4d18a6555837e2f764673
- SHA256
  
  c2325ce01734ee1abe0f2a040d2ca8551012be3820a1fb2f32530d872df19517
- SHA512
  
  863c55f9e5e636006ec388d7b253ce896ec4c05a09a960dedb02610ed3dd01bbc213f7cafe63ad3c38aef70a899fc6d056c24305485798797171f7546dbe3c13
- SSDEEP
  
  49152:ETXOrRPZL6++oLQ+5QcusZK12XpQyod2mig5p47:68o++cc2B2pig5p47
Score

1^/10
behavioral5 behavioral6
- Target
  
  Snake2Virus/SDL2_image.dll
- Size
  
  122KB
- MD5
  
  b8d249a5e394b4e6a954c557af1b80e6
- SHA1
  
  b03bb9d09447114a018110bfb91d56ef8d5ec3bb
- SHA256
  
  1e364af75fee0c83506fbdfd4d5b0e386c4e9c6a33ddbddac61ddb131e360194
- SHA512
  
  2f2e248c3963711f1a9f5d8baea5b8527d1df1748cd7e33bf898a380ae748f7a65629438711ff9a5343e64762ec0b5dc478cdf19fbf7111dac9d11a8427e0007
- SSDEEP
  
  3072:6bsejIuO504fzsOM05Nmy7iGpJ7SvFisgf:6bmX0qQOhmyPs
Score

1^/10
behavioral7 behavioral8
- Target
  
  Snake2Virus/SDL2_mixer.dll
- Size
  
  285KB
- MD5
  
  201aa86dc9349396b83eed4c15abe764
- SHA1
  
  1a239c479e275aa7be93c5372b2d35e98d8d8cec
- SHA256
  
  2a0fc5e9f72c2eaec3240cb82b7594a58ccda609485981f256b94d0a4dd8d6f8
- SHA512
  
  bb2cd185d1d936ceca3cc20372c98a1b1542288ad5523ff8b823fb5e842205656ec2f615f076929c69987c7468245a452238b509d37109c9bec26be5f638f3b7
- SSDEEP
  
  3072:uHT3KS12sljkvy5jXabgwdIFwix1Cvmm1xXLLPAgx+3BfZrzJ9qYdt2mTdIssFor:E3Kdy5eb+wix1Cv/7MBJJ95IssFo2p
Score

1^/10
behavioral10 behavioral9
- Target
  
  Snake2Virus/SDL2_ttf.dll
- Size
  
  1.5MB
- MD5
  
  6825b40c5f796137edc896467839af7a
- SHA1
  
  808ff63ce1ebfcd734a0bb797fc01c9ef5615563
- SHA256
  
  d96cb0005270afe9925c0bde9c95e29dd7a3f287f79aea17ca381fe3daa28e0e
- SHA512
  
  e1222620616c101dd2fc9fd8115487004a3a7299db2800d0dfe5d653fe6aee7907e5067012df61449413b74c608dfca5a1418621d2fd107206619da2f960879a
- SSDEEP
  
  24576:F4co9xlqmh1Olg0y/ssT5e3SGZjQRXrs/ODQWRd0Doza0/tZjk82D/ZeFUOPkt:bo9xFh1Olg0y3T5e+lQ/mQWRGKjQUUOs
Score

1^/10
behavioral11 behavioral12
- Target
  
  Snake2Virus/Snake2.exe
- Size
  
  1.9MB
- MD5
  
  09b44cd0ccd1b623f74a52392ceacf12
- SHA1
  
  b8282dc888266e9cd27a29e1cb5429805b2a2e57
- SHA256
  
  a3340038efd5406f59de32cfec04acede26a487dfd9b57915be14e35fe89d76c
- SHA512
  
  3d55f61949003dcf2760d7845a1de288ed6aa646092ae115bf0764b6155d3f68bd62b3a86ce645bf365f043e8eb0db41db99f41c06881227c25b106fefe2168c
- SSDEEP
  
  49152:NRm8EEbzkWLkXEOmUNei7Waf//20YMigFjjAat0JMCDZjeF:jm8fboWSm+eib20Yep2JMCD
Score

1^/10
behavioral13 behavioral14
- Target
  
  Snake2Virus/VCRUNTIME140.dll
- Size
  
  91KB
- MD5
  
  7942be5474a095f673582997ae3054f1
- SHA1
  
  e982f6ebc74d31153ba9738741a7eec03a9fa5e8
- SHA256
  
  8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c
- SHA512
  
  49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039
- SSDEEP
  
  1536:bS6NH9M7vShoxXqYGZLAy10i5XNS83NT/sM9MYDiRecbbVKKoB98:bFRmxXqX0yvX7mHYWRecbb8l
Score

1^/10
behavioral15 behavioral16
- Target
  
  Snake2Virus/VCRUNTIME140_1.dll
- Size
  
  35KB
- MD5
  
  ab03551e4ef279abed2d8c4b25f35bb8
- SHA1
  
  09bc7e4e1a8d79ee23c0c9c26b1ea39de12a550e
- SHA256
  
  f8bc270449ca6bb6345e88be3632d465c0a7595197c7954357dc5066ed50ae44
- SHA512
  
  0e7533b8d7e5019ffd1e73937c1627213711725e88c6d7321588f7fffe9e1b4ef5c38311548adbd2c0ee9b407135646593bf1498cbee92275f4e0a22ace78909
- SSDEEP
  
  384:diWe6RE3c6lqst5nZvS05fJjPXR51RWmbzw+XfeDky85xHrwB2BWrYKW4dHRN7qp:at3csN7xPXdRdP/ve6HrEUSKZz
Score

1^/10
behavioral17 behavioral18
- Target
  
  Snake2Virus/_bz2.pyd
- Size
  
  84KB
- MD5
  
  5a8b3602b3560868bd819b10c6343874
- SHA1
  
  73a5ce4d07479894f24b776eb387abd33deb83a9
- SHA256
  
  00d2f34aee55b473bcc11838469b94a62d01fdf4465e19f7d7388c79132f019e
- SHA512
  
  2f2f8305fd8853c479b5d2a442110efc3ad41a3c482cd554ebcc405fcf097e230f5cd45dbfb44050b5bd6fae662ce7cac0583c9784050f0c7d09a678768587db
- SSDEEP
  
  1536:9935WVusUjdXTR0HKFOtqb+6F1nVOnV8gOHiS3CUI5IrMVvLhyI:rMYXTBFOtqt1nVOnagOHiS3C15IrMVTr
Score

1^/10
behavioral19 behavioral20
- Target
  
  Snake2Virus/_ctypes.pyd
- Size
  
  124KB
- MD5
  
  e1ef9f5c77b01c82cf72522ec96b2a11
- SHA1
  
  e83daa56a104f6ea6235822c644b6554c3958cfe
- SHA256
  
  a79cf8259890d5843cf8eaf29db8dbd4bfabed50f4d859756f93ac2b30617023
- SHA512
  
  4231ec5b06effae6497bf62853b79420529cabaee6b58f519c3c30bdd42c925e85979c29c2db0747dcff3f99f3b19dc02ece96347e08cf49eb0abb1e19238c01
- SSDEEP
  
  3072:iKsh+SFyRF8Awspd/+0iuzQklotv++frZA0wrboVIrBPX:BFSFyM2MklgfrZQYs
Score

1^/10
behavioral21 behavioral22
- Target
  
  Snake2Virus/_decimal.pyd
- Size
  
  264KB
- MD5
  
  77510dba8f87d26741d0a2501d61ad48
- SHA1
  
  fff70ddcbb5ddf34419a4196a341bfff52d2d3ee
- SHA256
  
  6c5ba4ad0c7b89b83e2a0a2c6cc4927992aa0adc449eea6aacaaff2b55f544f6
- SHA512
  
  9b84491bfbb5523b9c73580a8e434ad87a0ccc540fe9d522ee97324c9c20a68d1f45adc712dadd2d3966c4d613ad40b8000a2de4b44a7268020e461d21abf284
- SSDEEP
  
  6144:DT5I6qDoelE8pbeLraagpKGpRwnKtlE0ZzmylUQ9qWMa3pLW1AeW77CDNvFFF:D4Dox816Pgp7/9LfwtFF
Score

1^/10
behavioral23 behavioral24
- Target
  
  Snake2Virus/_hashlib.pyd
- Size
  
  64KB
- MD5
  
  8f7edaff246c46dbf09ab5554b918b37
- SHA1
  
  c14c33b14419f5d24fb36e5f1bf1760a9c63228b
- SHA256
  
  9154b36c178d84a901edad689a53148451ef3c851a91447a0654f528a620d944
- SHA512
  
  1947a1010fa1b07671aa471d5821792dee7f2b0cd1937d3f944cd0201a299e6cb37a41debbbd1bc6e774186f6d08ad6264055cba7652b0d5bd22691431cb360e
- SSDEEP
  
  768:Kyz+AYBO+TSDBUx/tF5IzZL0fpdM9M9GD2Fe7POoJd3xIrYIFwDG4ylq+h2L:7f+TSVyFy1kYuGM4OozxIrYIuyoL
Score

1^/10
behavioral25 behavioral26
- Target
  
  Snake2Virus/_lzma.pyd
- Size
  
  159KB
- MD5
  
  caa58290ab4414e2e22cc0b6ff4b2d29
- SHA1
  
  840902aaf7db40da17018776e5c842014c3a81ac
- SHA256
  
  185d407bcca7399c458133f2ce1efa938352b8093b2de040c91c3c3088ab173f
- SHA512
  
  a82e380ab1676424e52a36c08eabd572375dd36a7fe2b9df51d48c368aed6c04b0b3674bc6a9787efedd0ed70bb1869ed1a2f3a1f4238485710092b9cbadd00e
- SSDEEP
  
  3072:tjV4GSDhSGLHujkOqWAgyWl02t9T+6znfo9mNovFUgirYDz5IrD1l9:tjV4GSDhNLHfOqAR+MwYOvFGrYfs
Score

1^/10
behavioral27 behavioral28
- Target
  
  Snake2Virus/_queue.pyd
- Size
  
  28KB
- MD5
  
  671a9ac9b34f07ada65bf1635e4626c5
- SHA1
  
  d4a6e478caaacdbdb52f57d12e16ba96671d30f2
- SHA256
  
  3f1fc09b3f0a5c8c7aff4223d002952ab26f462aa390940a9f00454815204739
- SHA512
  
  92617258ef747f93ab2c378f5c9a2aac14668d834df15939c1ef83a555490b9ee3380d7341bee60c33057482736a595593749b8794ddeaa9649339363095108c
- SSDEEP
  
  384:h9UfkQsgFJvU2S66i6rEM3ay3njs+cEFVIrmUZDG4y8EnXrhGr:ysg/vT6rEM3XAAVIrmUZDG4yTbhGr
Score

1^/10
behavioral29 behavioral30
- Target
  
  Snake2Virus/_ssl.pyd
- Size
  
  150KB
- MD5
  
  39919e97dc418e0099b2a0bb332a8c77
- SHA1
  
  f04c9d78b3d5e2a95ea3535c363d8b05d666d39e
- SHA256
  
  b38b09bf0421b1f49338ded8021d7bc56be19902d9b21a9b6e9c8df448f93eb2
- SHA512
  
  f179ebe84ae065ed63e71f2855b2b69cdedfc8be70dace0eb07c8b191768eace1312562e27e77492481f214f85d31f35c88c2b1f7a3881cee9dffffa7ffc668a
- SSDEEP
  
  3072:XaMiyO3ZrA0be4qd8yKN9zyrcOmcq7SJdWXxoyp6jRKRQp5IrM70Vr:XaMiLrAmeb87vyri7ShRKR44
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Peripheral Device Discovery

T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

T1102

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32