General
-
Target
2024-11-09_b7d3ff2625833b91c391150b69ab28cb_frostygoop_luca-stealer_snatch
-
Size
6.0MB
-
Sample
241109-klfasatqen
-
MD5
b7d3ff2625833b91c391150b69ab28cb
-
SHA1
203e89fb333c14387a49d1e3cddfd63d1ebfa767
-
SHA256
313ef604a3862f516b6c47fa8b9a680cee5a64f50a3b3aba49aca73c64684942
-
SHA512
0d58f90e2a29b0a7125781028e0bd871ead4fbbcac3341a35ae418bd4152b790499da148985b28168aaa4c4f31fc831bb85c7ad54bbef05bff55f166fa7db1bb
-
SSDEEP
49152:3V4tWlEDLqgotRXisNoIonwxq+QbPbwk8is9nD/whL3MV4XAPXECWnp:3f9RSxwBQbTV819nDYN3MVzP0
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-09_b7d3ff2625833b91c391150b69ab28cb_frostygoop_luca-stealer_snatch.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-11-09_b7d3ff2625833b91c391150b69ab28cb_frostygoop_luca-stealer_snatch.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
cobaltstrike
http://43.156.151.185:8090/WuFK
-
user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0
Targets
-
-
Target
2024-11-09_b7d3ff2625833b91c391150b69ab28cb_frostygoop_luca-stealer_snatch
-
Score
10/10
-
Cobaltstrike family
-
Executes dropped EXE
-