2024-09-14_e525c8f5504ff54e999eb60d99ca221e_poet-rat_snatch | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-14_e525c8f5504ff54e999eb60d99ca221e_poet-rat_snatch
Size

10.0MB
MD5

e525c8f5504ff54e999eb60d99ca221e
SHA1

42a0508ec56e29dfd2056ed56e7e02416c4c366d
SHA256

778716178d2fab0720c23b76334afaa171c52730e45f1b33555656a072e6777b
SHA512

d8b88aec625c6a4ad9a24d276c587df7e26aec60ee531fe38ec2733b3f1f4f25f9c2ffe3c6ef693978b111f39c450fd5b61ca0b234e314433eacb0d78959c78d
SSDEEP

98304:rhHS+QHODKkryTeu4Fc5IKlAhE0w8cSiXyK2X3KBWSRjhugato0Iweic5Oatx:2NGKl0sSiXyK2nKBWSRjhuxMicltx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-14_e525c8f5504ff54e999eb60d99ca221e_poet-rat_snatch

Files

2024-09-14_e525c8f5504ff54e999eb60d99ca221e_poet-rat_snatch
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

+[7>DB
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

6K;
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UI$$=
Size: 225KB - Virtual size: 514KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IB'
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

,"<QC=
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

S.7AR[
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_READ

Y83,P
Size: 11.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

2.\HI
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

?E:1ZJ
Size: 10.2MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

W["9J
Size: 647KB - Virtual size: 646KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

)@+3&=
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ