General
Target: 2024-07-07_c5e9685d83931306ad3e644aa952d739_poet-rat_snatch
Size: 17.5MB
Sample: 240707-jb8nxayhma
MD5: c5e9685d83931306ad3e644aa952d739
SHA1: f4127a5d47c29dc22578193c976e6d3b2ca6222e
SHA256: ee8a6055d3e8332097fdc1af64bb7cbad472744c01f7cc86db9e870bea514c38
SHA512: b74216575fcf17351e659a0ce4fbde834fab00f10264ee81bf3741db783a7c965613582ba3476f3a27464f242f890700ade72eebe13187da22f3d3e46ba657e9
SSDEEP: 98304:qhhWph0yi/8ngBIdJKqa0eWHBy0vkrj/OgSeqmCxGmEKrt9+u51gN4:qn/vBIi9CkrseqmQeoB5/
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-07-07_c5e9685d83931306ad3e644aa952d739_poet-rat_snatch.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2024-07-07_c5e9685d83931306ad3e644aa952d739_poet-rat_snatch.exe
  Resource: win10v2004-20240704-en
Malware Config
Extracted
metasploit
metasploit_stager
192.168.72.131:44444
Targets
Target: 2024-07-07_c5e9685d83931306ad3e644aa952d739_poet-rat_snatch
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.