Analysis
max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
submitted
05-09-2024 12:28
Static task
static1
Behavioral task
behavioral1
Sample
2024-09-05_51c6c420574c25778032fb816840b8a1_poet-rat_snatch.exe
Resource
win7-20240903-en
windows7-x64
1 signatures
150 seconds
General
Target
2024-09-05_51c6c420574c25778032fb816840b8a1_poet-rat_snatch.exe
Size
15.3MB
MD5
51c6c420574c25778032fb816840b8a1
SHA1
6b56a087f90567939e2cbc2ce916b4e8f3ae043d
SHA256
7d495821954e810cda305ccde3d3fca0fbdbd3abd437694117697a030127a9e2
SHA512
448e8448c05ab7310adf1d2350462a7f4b972867e6269c44905d603bf94821c52d98115aabb59833f806e3e65b89e891f8d4d3ad4f233dd3f9383f9718014e28
SSDEEP
98304:mHB1kh/JftvWYf78X1Mlpo9SJzrbSUT/Pfm+KXRDV8HrASqyRxDgv:ckVVel4u+ARZ8XD2
Score
3/10
Malware Config
Signatures
System Location Discovery: System Language Discovery
1 TTPs, 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
2024-09-05_51c6c420574c25778032fb816840b8a1_poet-rat_snatch.exe