General

  • Target

    2024-07-07_c5e9685d83931306ad3e644aa952d739_poet-rat_snatch

  • Size

    17.5MB

  • Sample

    240707-jb8nxayhma

  • MD5

    c5e9685d83931306ad3e644aa952d739

  • SHA1

    f4127a5d47c29dc22578193c976e6d3b2ca6222e

  • SHA256

    ee8a6055d3e8332097fdc1af64bb7cbad472744c01f7cc86db9e870bea514c38

  • SHA512

    b74216575fcf17351e659a0ce4fbde834fab00f10264ee81bf3741db783a7c965613582ba3476f3a27464f242f890700ade72eebe13187da22f3d3e46ba657e9

  • SSDEEP

    98304:qhhWph0yi/8ngBIdJKqa0eWHBy0vkrj/OgSeqmCxGmEKrt9+u51gN4:qn/vBIi9CkrseqmQeoB5/

Malware Config

Extracted

  • Family

    metasploit

  • Version

    metasploit_stager

  • C2

    192.168.72.131:44444

Targets

    • Target

      2024-07-07_c5e9685d83931306ad3e644aa952d739_poet-rat_snatch

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
