Overview

overview

7

Static

static

3

2024-06-29...ch.exe

windows7-x64

1

2024-06-29...ch.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/06/2024, 00:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-06-29_c21c588808bbd6b45b7b277a67257476_snatch.exe

  • Size

    5.0MB

  • MD5

    c21c588808bbd6b45b7b277a67257476

  • SHA1

    55366a29a86f6d203b4287b27b6ec34ae9dc7f13

  • SHA256

    822b3b795de228056c3bc134f815cac7e5723ceb6dc86c2db9f0490c7163219f

  • SHA512

    ad3ac5a8298afda3d7676a96cf2b7b74312c0d0a717184a4dd4fa1789f7484348fe28e3875267ad956ffd840bf57a4d986d2dca7eaed296f33753ca45a532898

  • SSDEEP

    98304:znBt9ClofIj/nNw8isS5yt9Oq1irOacy6:jVbIjNwOCk9/1ia

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-29_c21c588808bbd6b45b7b277a67257476_snatch.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-29_c21c588808bbd6b45b7b277a67257476_snatch.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4488
    • C:\Users\Admin\AppData\Local\Temp\.scr
      C:\Users\Admin\AppData\Local\Temp\.scr
      2⤵
      • Executes dropped EXE
      PID:3136
    • C:\Users\Admin\AppData\Local\Temp\.scr
      C:\Users\Admin\AppData\Local\Temp\.scr
      2⤵
      • Executes dropped EXE
      PID:4912

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\.scr
          Filesize

          973KB

          MD5

          43d79c14ec0cec20b114a34d7997e815

          SHA1

          acf0dd42c499c76613a72bc0e1ba8ce567a526c9

          SHA256

          d056bbafb3e69efc93d659de9e9666c453c19f59fe3fed0b53e6b051bfb9866a

          SHA512

          defe6dbc27777da051b0e5be91c7c6f2236fc3ea6404ec105a4a17a400cd8d829ee5f0f0f542e83c353345ac38f12278d08341a35df90ce690d934896be1a580

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\.scr
          Filesize

          1.6MB

          MD5

          5efef6cc9cd24baeeed71c1107fc32df

          SHA1

          3cfc9764083154f682a38831c8229e3e29cbe3ef

          SHA256

          e61b8f44ab92cf0f9cb1101347967d31e1839979142a4114a7dd02aa237ba021

          SHA512

          cecd98f0e238d7387b44838251b795bb95e85ec8d35242fc24532ba21929759685205133923268bf8bc0e2ded37db7d88ecbe2b692d2be6f09c6d92a57d1fdac

          Download Submit