General
-
Target
2024-10-28_2dc8cdf825e23ff1df1ad11b3a6f1973_poet-rat_snatch
-
Size
16.0MB
-
Sample
241028-rr72bayqbj
-
MD5
2dc8cdf825e23ff1df1ad11b3a6f1973
-
SHA1
82af57e0e6d7cf944148d3a16d7c8ca94fa982f8
-
SHA256
5d215747817125559e1a2d934c301ab466cbc956a6839c8a45f8b02b84b184d0
-
SHA512
3f20bb95a167d10a2998a63ab0ccd69fe81822d24a39d868d019ac0ff890067c23c015dc0be531d9531be26d6d3f44d7f11c23214ba4778e038b6844f8c8879b
-
SSDEEP
98304:dKulY9+o0L82IacWOEF8xbADr/xLCqjqdYCDBvYuSHFCxMg:DZVyj8/tCGiBdSHF7g
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-28_2dc8cdf825e23ff1df1ad11b3a6f1973_poet-rat_snatch.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
2024-10-28_2dc8cdf825e23ff1df1ad11b3a6f1973_poet-rat_snatch.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2024-10-28_2dc8cdf825e23ff1df1ad11b3a6f1973_poet-rat_snatch
-
Size
16.0MB
-
MD5
2dc8cdf825e23ff1df1ad11b3a6f1973
-
SHA1
82af57e0e6d7cf944148d3a16d7c8ca94fa982f8
-
SHA256
5d215747817125559e1a2d934c301ab466cbc956a6839c8a45f8b02b84b184d0
-
SHA512
3f20bb95a167d10a2998a63ab0ccd69fe81822d24a39d868d019ac0ff890067c23c015dc0be531d9531be26d6d3f44d7f11c23214ba4778e038b6844f8c8879b
-
SSDEEP
98304:dKulY9+o0L82IacWOEF8xbADr/xLCqjqdYCDBvYuSHFCxMg:DZVyj8/tCGiBdSHF7g
Score8/10-
Blocklisted process makes network request
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Suspicious use of SetThreadContext
-