 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Snatch| Names | Snatch | |
| Category | Malware | |
| Type | Ransomware | |
| Description | Snatch is a ransomware which infects victims by rebooting the PC into Safe Mode. Most of the existing security protections do not run in Safe Mode so that it the malware can act without expected countermeasures and it can encrypt as many files as it finds. It uses common packers such as UPX to hide its payload. | |
| Information | <https://news.sophos.com/en-us/2019/12/09/snatch-ransomware-reboots-pcs-into-safe-mode-to-bypass-protection/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.snatch> | |
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| TA505, Graceful Spider, Gold Evergreen |  | 2006-Nov 2022 |  | ||
Other groups | |||||
| TA554 | [Unknown] | 2017 | |||
2 groups listed (1 APT, 1 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |