General
Target: 2024-10-21_19fa3a1cc2cf6cf0aecd7364a2e35a5d_poet-rat_snatch
Size: 8.0MB
Sample: 241021-jly78axcjp
MD5: 19fa3a1cc2cf6cf0aecd7364a2e35a5d
SHA1: 47a878768677e0d37bdfe1aaacc9d3bd036f8843
SHA256: 19d73a16b9bd156d818ed075fda08b1fc284917fd0839d9f380ed47f71d2e211
SHA512: 6aa9981608d73a575c58ed2c6214db72aa2f1bd34c01717c19b1ded9f5868376671c8cf7ce7be1ad7b3e8e92c81c3733f8160ddbcf8489277ae4d867cb5fb819
SSDEEP: 49152:5ojkM0b84QJYgOSdHIyaX/Jrqs2ezxRY+V9te8unhyos8kmuiYwNCHBuIjy8mXob:KjkMh+d20XjV95tEPXod43A6IreXq
Static task: static1
Behavioral task: behavioral1
Sample: 2024-10-21_19fa3a1cc2cf6cf0aecd7364a2e35a5d_poet-rat_snatch.exe
Resource: win7-20241010-en
Malware Config
Extracted
lumma
Targets
Target: 2024-10-21_19fa3a1cc2cf6cf0aecd7364a2e35a5d_poet-rat_snatch
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext