Analysis
-
max time kernel
131s -
max time network
134s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
03-08-2024 13:39
General
-
Target
2024-08-03_a1f6c60513653f169b5f637173bc72a0_poet-rat_sliver_snatch.exe
-
Size
15.2MB
-
MD5
a1f6c60513653f169b5f637173bc72a0
-
SHA1
afa6830f68ba9700599318f56909f5232870a902
-
SHA256
c20bf44e9b1ea6a13cfddefb8d731ea5e1cedca1793a56e2c8e375ca9f523e62
-
SHA512
e062ba6e22c08f5a91ea5ca39caf2804313fe74a2f3cb6e8572d21612e99c728a385ca86b97349469ab3a8172acbff7e645ab78c48069d46747cbe0f2cc0fa5e
-
SSDEEP
196608:GGS6aQ0eGjftX4boqoFM0ImMHhVUrZNXy:xSzeGjFX60RMnU9N
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-08-03_a1f6c60513653f169b5f637173bc72a0_poet-rat_sliver_snatch.exe"C:\Users\Admin\AppData\Local\Temp\2024-08-03_a1f6c60513653f169b5f637173bc72a0_poet-rat_sliver_snatch.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4180,i,3210801877307184477,8078594481454001567,262144 --variations-seed-version --mojo-platform-channel-handle=4612 /prefetch:81⤵