General

  • Target

    2024-06-03_7ec26a27e300ffcf78cce0196244880a_snatch

  • Size

    9.6MB

  • Sample

    240603-kcy2jaha9v

  • MD5

    7ec26a27e300ffcf78cce0196244880a

  • SHA1

    a7508dbe1e390a72b976b314d97eb32100b68d28

  • SHA256

    82289c2bd45f88d94042d8a0ac0f6a0591e2b06c23f54398da1824e4ad3828f6

  • SHA512

    ce8b4921520ebbcab5299001edef14b6ca0206e3d175eaa83a5aff42dd72af07f1add91a3c976ec683aea52353ead67382aeb78e43bb2afb2a351577697f04ad

  • SSDEEP

    98304:MyYjXSUptv8dMr/uFGGQE/EoPOi8EW96Puhv:MJrtv8dLGW/EoPfW9xhv

Targets

    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.
