2024-09-11_9b7b4fbb0e4195ba1ff5f7846332dc18_snatch | Triage

Sharing

General

Target

2024-09-11_9b7b4fbb0e4195ba1ff5f7846332dc18_snatch
Size

27.5MB
MD5

9b7b4fbb0e4195ba1ff5f7846332dc18
SHA1

c5901ac6921269a4681cc88a0ef99e0590aabc5d
SHA256

0179ddf043e152997ae41d28ae15090df26f43d2da7d52cec03754716236fda0
SHA512

5636062d3a5edda26e425b5ec4973510e4b2e7b73816d420651d312abca3efaf17ee0600d6cd54652cf5ac3576a762364956f2b9984a12ebc411f780f1fb4ea9
SSDEEP

393216:DKr0SCY5X4zmiItytFIYUwgWw5Lv1hfAF4VRiL8XRvOvRzcEJ/Lq:GrhXQR9F/w5D1hfAFssUmvRNBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-11_9b7b4fbb0e4195ba1ff5f7846332dc18_snatch

Files

2024-09-11_9b7b4fbb0e4195ba1ff5f7846332dc18_snatch
.exe windows:6 windows x86 arch:x86

dfed3f269ef127e1cb90f1c2f5cdc598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.MPRESS1
Size: 27.5MB - Virtual size: 48.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE