General

  • Target

    2024-05-12_4b68743b2e7a5b29edf946d8f7ba3e9f_ngrbot_snatch

  • Size

    9.5MB

  • MD5

    4b68743b2e7a5b29edf946d8f7ba3e9f

  • SHA1

    b6fef6210a0b10bb00058992f85336747caf7ca0

  • SHA256

    904ccbc92545ff254069f71535b114428c82264d01f473e3d7bd0843a945a60c

  • SHA512

    1e234e83b41a52a52f5fa648410f75600e97725d483a78735f1c1ba11f11f977cb04ee115b5bf41065e94dd5a549de2c6ed7fea769caa945ee4a3c96b6c7eaa4

  • SSDEEP

    98304:GpEz5g6w/uJjBTPkXP0RrNI6rEfhqFg/C/n0:5Ng6welaP0RrK64fLC/n0

Score
10/10

Malware Config

Signatures

  • Detects binaries embedding a considerable number of cryptocurrency wallet browser extension IDs. 1 IoCs
  • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
  • Detects executables containing a Discord URL observed in first-stage droppers. 1 IoCs
  • Detects executables containing SQL queries to confidential data stores. Observed in infostealers. 1 IoCs
  • Detects executables containing URLs to the raw contents of a GitHub gist. 1 IoCs
  • Detects executables containing possible sandbox system UUIDs 1 IoCs
  • Detects executables referencing virtualization MAC addresses 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
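The signatures above are string-level heuristics, and a first pass at reproducing them can be run offline with a short Python script. The following is an added example written for this page, not the sandbox's rules and not code from the sample: the regexes are assumptions about what each signature keys on, the extension-ID format and the virtualization OUIs are general knowledge, and SAMPLE is a constructed byte string (a stub PE32+ header plus planted strings), not the analysed binary. The Authenticode check reads the PE security data directory, which is what the "Unsigned PE" signature amounts to.

```python
"""Offline static triage approximating the signature categories listed above.
Added example, not the sandbox's own rules: every pattern is an assumption
about what the corresponding signature keys on."""
import re
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot for the Authenticode certificate table

# (bytes regex, flags) per indicator. Heuristics, not the vendor's exact rules.
INDICATORS = {
    "discord_url": (rb"https?://(?:[a-z0-9.-]+\.)?discord(?:app)?\.com/[\w./?=&%:#@-]+", re.I),
    "github_gist_raw": (rb"https?://gist\.githubusercontent\.com/[\w./?=&%:#@-]+", re.I),
    # Chromium/Firefox credential stores (Login Data, Cookies, Web Data, moz_* tables)
    "sql_credential_query": (
        rb"SELECT\s[^\x00]{0,200}?\sFROM\s+(?:logins|cookies|credit_cards|autofill|moz_logins|moz_cookies)\b", re.I),
    "browser_reference": (
        rb"Google\\Chrome|Mozilla\\Firefox|BraveSoftware|Microsoft\\Edge|Opera Software|Vivaldi|Yandex", re.I),
    # Chrome extension IDs are 32 characters drawn from a-p; wallet IDs are a subset of these.
    "chrome_extension_id": (rb"(?<![a-z])[a-p]{32}(?![a-z])", 0),
    # OUIs: VMware 00:05:69/00:0C:29/00:1C:14/00:50:56, VirtualBox 08:00:27,
    # Hyper-V 00:15:5D, Parallels 00:1C:42, Xen 00:16:3E.
    "virtualization_mac": (
        rb"\b(?:00[:-]05[:-]69|00[:-]0C[:-]29|00[:-]1C[:-]14|00[:-]50[:-]56|08[:-]00[:-]27"
        rb"|00[:-]15[:-]5D|00[:-]1C[:-]42|00[:-]16[:-]3E)\b", re.I),
    # A hard-coded GUID is only a candidate sandbox UUID; compare it with your own list.
    "hardcoded_uuid": (rb"\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b", re.I),
}

WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")  # printable UTF-16LE runs

def wide_strings_as_ascii(data: bytes) -> bytes:
    """Collapse UTF-16LE runs to ASCII so the same patterns also hit wide strings."""
    return b"\x00".join(m.group(0)[::2] for m in WIDE_RUN.finditer(data))

def scan(data: bytes) -> dict:
    """Return {indicator: sorted unique matches} over narrow and wide strings."""
    views = (data, wide_strings_as_ascii(data))
    hits = {}
    for name, (pattern, flags) in INDICATORS.items():
        rx = re.compile(pattern, flags)
        found = {m.group(0).decode("latin-1") for view in views for m in rx.finditer(view)}
        if found:
            hits[name] = sorted(found)
    return hits

def has_authenticode(data: bytes):
    """True/False for a PE depending on whether the security directory is populated; None if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 4 + 20                      # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x20B:                           # PE32+
        nrva_off, dd_off = 108, 112
    elif magic == 0x10B:                         # PE32
        nrva_off, dd_off = 92, 96
    else:
        return None
    if struct.unpack_from("<I", data, opt + nrva_off)[0] <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    # For the security entry the "RVA" field is really a file offset to the WIN_CERTIFICATE blob.
    off, size = struct.unpack_from("<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return off != 0 and size != 0

def build_stub_pe(signed: bool) -> bytes:
    """Minimal, non-executable PE32+ header: just enough for has_authenticode()."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    dos[0x3C:0x40] = struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)  # x64, 240-byte optional header
    opt = bytearray(240)
    opt[:2] = struct.pack("<H", 0x20B)
    opt[108:112] = struct.pack("<I", 16)  # NumberOfRvaAndSizes
    if signed:
        opt[144:152] = struct.pack("<II", 0x1000, 0x2000)  # security directory: offset, size
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)

# Constructed sample, NOT the real binary: a stub header plus the kinds of strings
# the signatures key on. The Discord/gist URLs are placeholders.
SAMPLE = build_stub_pe(signed=False) + b"\x00".join([
    b"https://discord.com/api/webhooks/000000000000000000/placeholder",
    b"https://gist.githubusercontent.com/someuser/0123456789abcdef/raw/config.txt",
    b"SELECT origin_url, username_value, password_value FROM logins",
    b"SELECT host_key, name, encrypted_value FROM cookies",
    b"nkbihfbeogaeaoehlefnkodbefgpgknn",              # MetaMask's Chrome extension ID
    b"Google\\Chrome\\User Data", b"Mozilla\\Firefox\\Profiles", b"BraveSoftware",
    "Microsoft\\Edge\\User Data".encode("utf-16-le"),  # wide string, as compilers emit them
    b"00:0C:29", b"08:00:27",                          # VMware / VirtualBox OUIs
    b"6ba7b810-9dad-11d1-80b4-00c04fd430c8",            # RFC 4122 example namespace UUID
]) + b"\x00"

if __name__ == "__main__":
    for name, values in scan(SAMPLE).items():
        print(f"{name}: {values}")
    print("authenticode present:", has_authenticode(SAMPLE))
```

To run it against the real sample, pass open(path, "rb").read() to scan() and has_authenticode(); the MD5/SHA1/SHA256 values in the General section can be recomputed with hashlib to confirm you have the same file (SSDEEP needs a third-party package). On their own, chrome_extension_id and hardcoded_uuid will fire on benign software, so treat them as corroborating signals next to the credential SQL, browser paths and exfiltration URLs rather than as verdicts.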

Files

  • 2024-05-12_4b68743b2e7a5b29edf946d8f7ba3e9f_ngrbot_snatch
    .exe windows:6 windows x64 arch:x64

    c2d457ad8ac36fc9f18d45bffcd450c2

