282caf7ff33d016c53fbddd8158f56b65b3d7240c25d50d40dc5fbcb8d0a2288 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-09_4ac09b06b424ab7031ee5f0ccd3a4725_poet-rat_snatch
Size

5.8MB
Sample

240809-xhf45athnk
MD5

4ac09b06b424ab7031ee5f0ccd3a4725
SHA1

f60987edfa790589abf7532f51a2322ba02c1917
SHA256

282caf7ff33d016c53fbddd8158f56b65b3d7240c25d50d40dc5fbcb8d0a2288
SHA512

b1b8274167e025c4ff055a92ec7398685cf01d6e7f09485cf6847088e8366258350e1d574b03e5c068bd16a8a99343dc95800378caf4f42cd32ce59a2e794747
SSDEEP

49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZf/:63CE/Xx4LKhdkaESp

Score

7^/10

Malware Config

Targets

- Target
  
  2024-08-09_4ac09b06b424ab7031ee5f0ccd3a4725_poet-rat_snatch
- Size
  
  5.8MB
- MD5
  
  4ac09b06b424ab7031ee5f0ccd3a4725
- SHA1
  
  f60987edfa790589abf7532f51a2322ba02c1917
- SHA256
  
  282caf7ff33d016c53fbddd8158f56b65b3d7240c25d50d40dc5fbcb8d0a2288
- SHA512
  
  b1b8274167e025c4ff055a92ec7398685cf01d6e7f09485cf6847088e8366258350e1d574b03e5c068bd16a8a99343dc95800378caf4f42cd32ce59a2e794747
- SSDEEP
  
  49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZf/:63CE/Xx4LKhdkaESp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2