384d35870419392407332bc9b32013641cdb542ac9bc80d7457c8d44c7f98465 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-14_3fb982a89cfc0b99ad9387be4a0ab85a_poet-rat_snatch
Size

5.8MB
Sample

240914-yva93stblq
MD5

3fb982a89cfc0b99ad9387be4a0ab85a
SHA1

a15aad2a2b8c64d759810ccd0391447ee68f1ede
SHA256

384d35870419392407332bc9b32013641cdb542ac9bc80d7457c8d44c7f98465
SHA512

b065560610f8a0f2f4931df2d42e2cf2d7ef24bd3df298edbc76f654af6bd3409a5e2ff84b6a32fe84c16ece058a19a15b6c297259c3bfb8dcd49adbbf256acb
SSDEEP

49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZf+:63CE/Xx4LKhdkuESp

Score

7^/10

Malware Config

Targets

- Target
  
  2024-09-14_3fb982a89cfc0b99ad9387be4a0ab85a_poet-rat_snatch
- Size
  
  5.8MB
- MD5
  
  3fb982a89cfc0b99ad9387be4a0ab85a
- SHA1
  
  a15aad2a2b8c64d759810ccd0391447ee68f1ede
- SHA256
  
  384d35870419392407332bc9b32013641cdb542ac9bc80d7457c8d44c7f98465
- SHA512
  
  b065560610f8a0f2f4931df2d42e2cf2d7ef24bd3df298edbc76f654af6bd3409a5e2ff84b6a32fe84c16ece058a19a15b6c297259c3bfb8dcd49adbbf256acb
- SSDEEP
  
  49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZf+:63CE/Xx4LKhdkuESp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2