General
-
Target
2024-05-23_43d977185abc43d34c26c12756fe7631_snatch
-
Size
20.7MB
-
Sample
240523-g67nzsgc91
-
MD5
43d977185abc43d34c26c12756fe7631
-
SHA1
d879dccda7996302314a0e26cf1aa54851c06adc
-
SHA256
df87ca54d1eb086bf84381d12cb9b42c02246c2fe569a15de161d9721c4a186f
-
SHA512
0c6d73e16bb60309bbb6cb19b29bbc4bb11bf90dcf16d9d60a89b5f06425e66181ea9f7d60ea2d65aa8b2e6a919443147ef3606efc2572fc94fb55cebb548853
-
SSDEEP
196608:GTkICRmsIQcIAo4vtBLWOVrbTSCGCa/rnc:GGmsIZuOVrb2xCIn
Malware Config
Targets
-
-
Target
2024-05-23_43d977185abc43d34c26c12756fe7631_snatch
-
Size
20.7MB
-
MD5
43d977185abc43d34c26c12756fe7631
-
SHA1
d879dccda7996302314a0e26cf1aa54851c06adc
-
SHA256
df87ca54d1eb086bf84381d12cb9b42c02246c2fe569a15de161d9721c4a186f
-
SHA512
0c6d73e16bb60309bbb6cb19b29bbc4bb11bf90dcf16d9d60a89b5f06425e66181ea9f7d60ea2d65aa8b2e6a919443147ef3606efc2572fc94fb55cebb548853
-
SSDEEP
196608:GTkICRmsIQcIAo4vtBLWOVrbTSCGCa/rnc:GGmsIZuOVrb2xCIn
Score8/10-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-