44caa1973f2904dca91405dcba745e396e4f0471fca5130022e8902bb164f7d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-09_bd3e320923ea0b24e9fd51d4d7475883_poet-rat_snatch
Size

5.8MB
Sample

240809-xlsx4avakq
MD5

bd3e320923ea0b24e9fd51d4d7475883
SHA1

2606ebb47723e5927629b7b22be2f0c8a5394131
SHA256

44caa1973f2904dca91405dcba745e396e4f0471fca5130022e8902bb164f7d9
SHA512

8fdf55e1ce29affb890b110158da69cda6eefaa048c95cc8e1159ea790e5e0004ad1456b8d1bccba83211ca1ce129e5ddbaa97dc05e9466a88fa6dc861c4707d
SSDEEP

49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZf4:63CE/Xx4LKhdk8ESp

Score

7^/10

Malware Config

Targets

- Target
  
  2024-08-09_bd3e320923ea0b24e9fd51d4d7475883_poet-rat_snatch
- Size
  
  5.8MB
- MD5
  
  bd3e320923ea0b24e9fd51d4d7475883
- SHA1
  
  2606ebb47723e5927629b7b22be2f0c8a5394131
- SHA256
  
  44caa1973f2904dca91405dcba745e396e4f0471fca5130022e8902bb164f7d9
- SHA512
  
  8fdf55e1ce29affb890b110158da69cda6eefaa048c95cc8e1159ea790e5e0004ad1456b8d1bccba83211ca1ce129e5ddbaa97dc05e9466a88fa6dc861c4707d
- SSDEEP
  
  49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZf4:63CE/Xx4LKhdk8ESp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2