2024-07-06_81222ede1c519a56c835b2b8b635abee_poet-rat_snatch

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-06_81222ede1c519a56c835b2b8b635abee_poet-rat_snatch
Size

5.3MB
MD5

81222ede1c519a56c835b2b8b635abee
SHA1

c3d9e2559e9b9b26a15b7a038c676e1b8589f767
SHA256

9773bc16d80c48884ba2d27dd9f004d07afd7108228c426744922fbb957e8366
SHA512

6b40c3fd7e15d1c102953a2a7fa1f50dc826e2cb6e3e5ce0ef8c9616e4e6dd5099f85cc86f961c1e955dde9fca0a145c6daf673504f716522b80c187bbfa111a
SSDEEP

49152:0OGFSmzC5gtP7KKQRTjX87AKmOeYgk1t9jJ1j55ED0b0TpzETiBaNwyUPMkFNoGY:L6bzm/p8NgkDNEDltMiByUPJNoGqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-06_81222ede1c519a56c835b2b8b635abee_poet-rat_snatch

Files

2024-07-06_81222ede1c519a56c835b2b8b635abee_poet-rat_snatch
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 233KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 406KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 850KB - Virtual size: 849KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.data Size: 233KB - Virtual size: 601KB

.pdata Size: 53KB - Virtual size: 52KB

.xdata Size: 512B - Virtual size: 168B

/4 Size: 512B - Virtual size: 297B

/19 Size: 406KB - Virtual size: 405KB

/32 Size: 87KB - Virtual size: 86KB

/46 Size: 512B - Virtual size: 48B

/65 Size: 850KB - Virtual size: 849KB

/78 Size: 532KB - Virtual size: 531KB

/90 Size: 150KB - Virtual size: 149KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 41KB - Virtual size: 41KB

.symtab Size: 321KB - Virtual size: 321KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 233KB - Virtual size: 601KB

.pdata
Size: 53KB - Virtual size: 52KB

.xdata
Size: 512B - Virtual size: 168B

/4
Size: 512B - Virtual size: 297B

/19
Size: 406KB - Virtual size: 405KB

/32
Size: 87KB - Virtual size: 86KB

/46
Size: 512B - Virtual size: 48B

/65
Size: 850KB - Virtual size: 849KB

/78
Size: 532KB - Virtual size: 531KB

/90
Size: 150KB - Virtual size: 149KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 41KB - Virtual size: 41KB

.symtab
Size: 321KB - Virtual size: 321KB