271404cc3bacf705d41c17f3f92436d42d3c6f0d365a5a4940fc897cfd81ed25 | Triage

Sharing

General

Target

2024-10-04_0d6fa314cea0a0fe20e6d25facc026f7_poet-rat_snatch
Size

5.8MB
Sample

241004-zhj7wsvflq
MD5

0d6fa314cea0a0fe20e6d25facc026f7
SHA1

e240b0a1136a2f4d8af15915037dc06036dddc9b
SHA256

271404cc3bacf705d41c17f3f92436d42d3c6f0d365a5a4940fc897cfd81ed25
SHA512

1a0d911352f6cf14c8ab7e2d87b10a30beb414985108a9ea4c4812a84581d16ff3f6bf0dcdfa3ef41e6063478f0d01738e435b9cb3a14ee37b70c29caea67afc
SSDEEP

49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZfh:63CE/Xx4LKhdkhESp

Score

7^/10

Malware Config

Targets

- Target
  
  2024-10-04_0d6fa314cea0a0fe20e6d25facc026f7_poet-rat_snatch
- Size
  
  5.8MB
- MD5
  
  0d6fa314cea0a0fe20e6d25facc026f7
- SHA1
  
  e240b0a1136a2f4d8af15915037dc06036dddc9b
- SHA256
  
  271404cc3bacf705d41c17f3f92436d42d3c6f0d365a5a4940fc897cfd81ed25
- SHA512
  
  1a0d911352f6cf14c8ab7e2d87b10a30beb414985108a9ea4c4812a84581d16ff3f6bf0dcdfa3ef41e6063478f0d01738e435b9cb3a14ee37b70c29caea67afc
- SSDEEP
  
  49152:vzlnEcO3Cgrb/TbvO90d7HjmAFd4A64nsfJa/pJMBMvDF/4q4auspdkgKKhdvZfh:63CE/Xx4LKhdkhESp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2