cab0710ff3dfc47b8cf4ccea235af9914fadf7ebe1a09acbbf8abe646a885667 | Triage

Sharing

General

Target

2024-11-19_a29ed5c94563aaf6908124c90b17fc33_frostygoop_luca-stealer_poet-rat_snatch
Size

5.0MB
Sample

241119-qwc63axdkk
MD5

a29ed5c94563aaf6908124c90b17fc33
SHA1

f55fa19a81c788d35516170cac51058b011e4ac8
SHA256

cab0710ff3dfc47b8cf4ccea235af9914fadf7ebe1a09acbbf8abe646a885667
SHA512

f7fe9034a368d9e80d49b5bb9d9ad3a5297bc2748e538c227303d860e86ad286c93cc61087be5a1e9c3f745d3f2558021313b11791c011af157dafb32b9000ca
SSDEEP

49152:JQ/lTzPN+tedV9nrb/T8vO90d7HjmAFd4A64nsfJJ6COtrzA4Xe1FxU1T/RX7BuR:6N+tedV5aQw1DPutbREm+eb

Score

8^/10

discovery evasion execution

Malware Config

Targets

- Target
  
  2024-11-19_a29ed5c94563aaf6908124c90b17fc33_frostygoop_luca-stealer_poet-rat_snatch
- Size
  
  5.0MB
- MD5
  
  a29ed5c94563aaf6908124c90b17fc33
- SHA1
  
  f55fa19a81c788d35516170cac51058b011e4ac8
- SHA256
  
  cab0710ff3dfc47b8cf4ccea235af9914fadf7ebe1a09acbbf8abe646a885667
- SHA512
  
  f7fe9034a368d9e80d49b5bb9d9ad3a5297bc2748e538c227303d860e86ad286c93cc61087be5a1e9c3f745d3f2558021313b11791c011af157dafb32b9000ca
- SSDEEP
  
  49152:JQ/lTzPN+tedV9nrb/T8vO90d7HjmAFd4A64nsfJJ6COtrzA4Xe1FxU1T/RX7BuR:6N+tedV5aQw1DPutbREm+eb
Score

8^/10

discovery evasion execution
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

discoveryevasionexecution