Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    21-08-2024 17:25

General

  • Target

    2024-08-21_4d9cfc31e4f784565ba69575c313fae2_poet-rat_snatch.exe

  • Size

    36.7MB

  • MD5

    4d9cfc31e4f784565ba69575c313fae2

  • SHA1

    d43ae87477fc92cfbd0052a0bc214fe06f70df71

  • SHA256

    b6fe7c503e233b1f7c72df5d47158f7762298de3aa064e99ee2a0238ba1d0c9c

  • SHA512

    79dbe43733e1744fce304fb54cbc34eb625b1dec2b1277c66fc76d29f55bcbb95c901c7bd8dc627a89d12dce6e3b94c2a8e2ef0979db82c0d1c516a2ab1b3c38

  • SSDEEP

    196608:eYTxbKRXIOcWLLciGlrDYfmp2IeEzgqZv0Vk8qXcmBuQ5XPpUrO/gzKf0OO8I612:/pKRXpnLGAmiXqZ8AcAuQFGNzXOD+Zp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-08-21_4d9cfc31e4f784565ba69575c313fae2_poet-rat_snatch.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-08-21_4d9cfc31e4f784565ba69575c313fae2_poet-rat_snatch.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:2336

Network

MITRE ATT&CK Matrix
