General
-
Target
2024-05-25_c7ba511ca9487b706c8a8914c805d25b_snatch
-
Size
8.5MB
-
MD5
c7ba511ca9487b706c8a8914c805d25b
-
SHA1
05a8deaad9aa5e29c823c321bf4785ec5171094a
-
SHA256
00ccf3fa4db6068e64e6afb04bfc6a31c7f9c8cf2187cd7a912a5ebcd28e33cc
-
SHA512
228a380ff7e7de251b23084656a4186e52bf96f937c6bc74949f1d61387d944034c93ee2b39ce4612211b304379fe45afa68e76136ff5c21c7517bb5fcde8323
-
SSDEEP
98304:y/tkNUvApWlmDJY8hv9zQC1nb/GqhZytTD5iq:y/iNUr+v1phwN
Score
10/10
Malware Config
Signatures
-
Detects Windows executables referencing non-Windows User-Agents 1 IoCs
-
Detects executables Discord URL observed in first stage droppers 1 IoCs
-
Detects executables containing URLs to raw contents of a Github gist 1 IoCs
-
Detects executables referencing many varying, potentially fake Windows User-Agents 1 IoCs
-
Glupteba family
-
Glupteba payload 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2024-05-25_c7ba511ca9487b706c8a8914c805d25b_snatch
1cd364a9e949d5ecebd6c614e64bc545
Headers
Imports
Sections