Analysis
max time kernel: 149s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 26-07-2024 10:24
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-26_06d8a35086592fdbb569985d0ae0d606_snatch.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-07-26_06d8a35086592fdbb569985d0ae0d606_snatch.exe
Resource
win10v2004-20240709-en
General
Target: 2024-07-26_06d8a35086592fdbb569985d0ae0d606_snatch.exe
Size: 2.8MB
MD5: 06d8a35086592fdbb569985d0ae0d606
SHA1: b54adaf0e1db2e2d1b67bb80ad8bfb6e69f9436d
SHA256: 7975bb69cf9a5f290971a5811b510254531e0c6065396ab5ad48a684b1a8cd66
SHA512: 0af7546b5fbff81d013429d8e72076a7bcc16f9cfbd7f8d5d04a951f724c300b0fad5df8004344e3c212e981965f4985ed78b72dfac0b594f385f605a8293532
SSDEEP: 49152:X6xME2f5y9KCOi5+Ceg5oz/zQIM74D1OVD1SjR9N5O6X/5NIoQthX:4yCsDe/R2Ta6Pgz
Malware Config
Extracted
cobaltstrike
http://service-kaic9luv-1307760246.sh.apigw.tencentcs.com:443/bootstrap-2.min.js
user_agent
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.