General
-
Target
2024-05-24_d6cd8fa021ea3c193af4d9b097bf8cdc_snatch
-
Size
8.5MB
-
MD5
d6cd8fa021ea3c193af4d9b097bf8cdc
-
SHA1
810de4b3f45cac5c3085f9042b84210dc45086f0
-
SHA256
d956b4affc640d2b7ee8607ef58c84857bffbfb10307f04c40f11861780ce050
-
SHA512
22e1854cd3f1ea4a3f4dbf4523df1c39f3d3d0cd00668c9e1fbf52f62c95ec90467b661c03f41d8bd354a0f6fd261832d33743ce557515f4f448e0f78c9cf2b1
-
SSDEEP
98304:y/tkNUvApWlmDJY8hv9zQC1nn/GqhZytTD5iq:y/iNUr+v1VhwN
Score
10/10
Malware Config
Signatures
-
Detects Windows executables referencing non-Windows User-Agents 1 IoCs
-
Detects executables Discord URL observed in first stage droppers 1 IoCs
-
Detects executables containing URLs to raw contents of a Github gist 1 IoCs
-
Detects executables referencing many varying, potentially fake Windows User-Agents 1 IoCs
-
Glupteba family
-
Glupteba payload 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2024-05-24_d6cd8fa021ea3c193af4d9b097bf8cdc_snatch
1cd364a9e949d5ecebd6c614e64bc545
Headers
Imports
Sections