General

  • Target: 2024-05-04_eb2109d7072851cfa4615ad858f213d2_ngrbot_snatch
  • Size: 9.6MB
  • MD5: eb2109d7072851cfa4615ad858f213d2
  • SHA1: e44b206f2d47064a2efc88b57ec3128b3063c2fb
  • SHA256: 6e7b8d51d4e8215d0f5a5062bc8858bd30ee698a0664d265521c46b2874653a8
  • SHA512: 5297eef21ddfa969ad4f8e52ad9eb0847413836c299e30121a184d355010b4c1801014cb2f50a926088e8d1789c7dad162751b0fd677d38399c9fe26757a7d67
  • SSDEEP: 98304:LwBykSXe7lSS8+3qbdLePw8h+bnA23B2ExcEA7EtbbVGD:kee7lSJbJw8zxcc0D

Score
10/10

Signatures

  • Detects Windows executables referencing non-Windows User-Agents (1 IoC)
  • Detects binaries (Windows and macOS) referencing many web browsers; observed in information stealers (1 IoC)
  • Detects executables referencing a Discord URL observed in first-stage droppers (1 IoC)
  • Detects executables containing SQL queries to confidential data stores; observed in infostealers (1 IoC)
  • Detects executables containing possible sandbox system UUIDs (1 IoC)
  • Detects executables referencing virtualization MAC addresses (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2024-05-04_eb2109d7072851cfa4615ad858f213d2_ngrbot_snatch
    .exe windows:6 windows x64 arch:x64

    c2d457ad8ac36fc9f18d45bffcd450c2
