a4b5328a590aef9a6959ec3dd3413112ba4ccfd854f4314551e90706043f0298 | Triage

Sharing

General

Target

2024-09-14_5d3850d011a1e7c4dafb090696d27666_poet-rat_snatch
Size

5.8MB
Sample

240914-qbl88sverm
MD5

5d3850d011a1e7c4dafb090696d27666
SHA1

42c3b079a21a6cc00fc1c3f6fac412ca8b2ccf32
SHA256

a4b5328a590aef9a6959ec3dd3413112ba4ccfd854f4314551e90706043f0298
SHA512

15a8c44076558dbcba2f4ba3e19bc85c6117dbdd5ede88593b478ac86c783a177061b023d06ab89527595f99abbfaa696bf1086d665e0e20a0de484c7e095098
SSDEEP

49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZfe:63CE/Xx4LKhdkuESp

Score

7^/10

Malware Config

Targets

- Target
  
  2024-09-14_5d3850d011a1e7c4dafb090696d27666_poet-rat_snatch
- Size
  
  5.8MB
- MD5
  
  5d3850d011a1e7c4dafb090696d27666
- SHA1
  
  42c3b079a21a6cc00fc1c3f6fac412ca8b2ccf32
- SHA256
  
  a4b5328a590aef9a6959ec3dd3413112ba4ccfd854f4314551e90706043f0298
- SHA512
  
  15a8c44076558dbcba2f4ba3e19bc85c6117dbdd5ede88593b478ac86c783a177061b023d06ab89527595f99abbfaa696bf1086d665e0e20a0de484c7e095098
- SSDEEP
  
  49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZfe:63CE/Xx4LKhdkuESp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2