General

  • Target

    2024-05-14_087e2dee4195967600b8ae7f874a8bdd_ngrbot_snatch

  • Size

    12.0MB

  • MD5

    087e2dee4195967600b8ae7f874a8bdd

  • SHA1

    dae9b9ed5a81766fd159f83d8c00886f6b868914

  • SHA256

    2d5d36e90b842aeb30a9d6ee8d6c3b633a2cf56e7803b1d22e5adf319184beb5

  • SHA512

    2dae6618a86bc8f7683c6cce4062df201ae9304d6417aea6b4fd23490b7bdd15ec61d9df63e0bc0047bc7bfbcfa0bb8186006fdec5bf18e5590a0d2e3c791d2c

  • SSDEEP

    98304:LVc/lCBxVO4Mw+ZLewtajEaGND5yHEI0ERZojqo2rov64lwYX9It1XU2f45Lq+W:LfjO4fsZIVRZoj84X6Xbc3sjm3bw

Score
10/10

Malware Config

Signatures

  • Detect binaries embedding considerable number of cryptocurrency wallet browser extension IDs. 1 IoCs
  • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
  • Detects executables Discord URL observed in first stage droppers 1 IoCs
  • Detects executables containing SQL queries to confidential data stores. Observed in infostealers 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-05-14_087e2dee4195967600b8ae7f874a8bdd_ngrbot_snatch
    .exe windows:6 windows x64 arch:x64

    4f2f006e2ecf7172ad368f8289dc96c1

