General
-
Target
2024-06-03_7ec26a27e300ffcf78cce0196244880a_snatch
-
Size
9.6MB
-
Sample
240603-kcy2jaha9v
-
MD5
7ec26a27e300ffcf78cce0196244880a
-
SHA1
a7508dbe1e390a72b976b314d97eb32100b68d28
-
SHA256
82289c2bd45f88d94042d8a0ac0f6a0591e2b06c23f54398da1824e4ad3828f6
-
SHA512
ce8b4921520ebbcab5299001edef14b6ca0206e3d175eaa83a5aff42dd72af07f1add91a3c976ec683aea52353ead67382aeb78e43bb2afb2a351577697f04ad
-
SSDEEP
98304:MyYjXSUptv8dMr/uFGGQE/EoPOi8EW96Puhv:MJrtv8dLGW/EoPfW9xhv
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-03_7ec26a27e300ffcf78cce0196244880a_snatch.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-03_7ec26a27e300ffcf78cce0196244880a_snatch.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-06-03_7ec26a27e300ffcf78cce0196244880a_snatch
-
Size
9.6MB
-
MD5
7ec26a27e300ffcf78cce0196244880a
-
SHA1
a7508dbe1e390a72b976b314d97eb32100b68d28
-
SHA256
82289c2bd45f88d94042d8a0ac0f6a0591e2b06c23f54398da1824e4ad3828f6
-
SHA512
ce8b4921520ebbcab5299001edef14b6ca0206e3d175eaa83a5aff42dd72af07f1add91a3c976ec683aea52353ead67382aeb78e43bb2afb2a351577697f04ad
-
SSDEEP
98304:MyYjXSUptv8dMr/uFGGQE/EoPOi8EW96Puhv:MJrtv8dLGW/EoPfW9xhv
Score8/10-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-