General
-
Target
2024-05-11_3e8b3cf2f1954ecf13f272ce1e56275b_snatch
-
Size
11.6MB
-
Sample
240511-lprzesbd7z
-
MD5
3e8b3cf2f1954ecf13f272ce1e56275b
-
SHA1
e34cdf3399f5896aa526f15bece290f7ceb4a8f8
-
SHA256
80082fe285a7e13e68023a6fc2dea628c7731e70e1e5a3a2055752297b7eea87
-
SHA512
fb26870258045c34cb3ee7704bd4123ae81956253297545b65d30e496c66bbfe25bc11d7866d9699923d80b64c442fb6d6a8b4e87da4e30eceb352389bd2a9f7
-
SSDEEP
98304:2xtzxMCXA0jrpbhH8yE+phtNC2Z4SugsAt77mFtph+FHph:2tXQ0jrkf+phXHt2FtphYph
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-11_3e8b3cf2f1954ecf13f272ce1e56275b_snatch.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-11_3e8b3cf2f1954ecf13f272ce1e56275b_snatch.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-11_3e8b3cf2f1954ecf13f272ce1e56275b_snatch
-
Score
8/10
-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-