2929bd278cf512a0888a91fd707c2ccb155c46a7bfee8af7cb01684fed9c7c65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-27_fffafdc4021977213054a75e587d2daa_poet-rat_snatch
Size

5.8MB
Sample

240627-zhjalazcre
MD5

fffafdc4021977213054a75e587d2daa
SHA1

f15dfc868e1c37432d4780935499858327f35acb
SHA256

2929bd278cf512a0888a91fd707c2ccb155c46a7bfee8af7cb01684fed9c7c65
SHA512

5227fe11453b0eaf0f8ea719f918c7d1a3d9019da20cc4054c237b6ceced4a52f2c5a813df286dccbfadd03aefe1c46775559d6ad623fee352758f431c3022c6
SSDEEP

49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZfI:63CE/Xx4LKhdknESp

Score

7^/10

Malware Config

Targets

- Target
  
  2024-06-27_fffafdc4021977213054a75e587d2daa_poet-rat_snatch
- Size
  
  5.8MB
- MD5
  
  fffafdc4021977213054a75e587d2daa
- SHA1
  
  f15dfc868e1c37432d4780935499858327f35acb
- SHA256
  
  2929bd278cf512a0888a91fd707c2ccb155c46a7bfee8af7cb01684fed9c7c65
- SHA512
  
  5227fe11453b0eaf0f8ea719f918c7d1a3d9019da20cc4054c237b6ceced4a52f2c5a813df286dccbfadd03aefe1c46775559d6ad623fee352758f431c3022c6
- SSDEEP
  
  49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZfI:63CE/Xx4LKhdknESp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2