Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2024 07:50

General

  • Target

    2024-11-24_e86224a012a5f1b729182f3ee7188313_frostygoop_poet-rat_snatch.exe

  • Size

    8.2MB

  • MD5

    e86224a012a5f1b729182f3ee7188313

  • SHA1

    815241dd131930091cae154a21cb842d290f677f

  • SHA256

    79d2beb666f27be59e7aadae2c2acb139221689d734f556779c91e0f3a4629e1

  • SHA512

    26d6add3a1fc250eeab77ecf3d8d2e02cd3a873ecbb3dd8465e1a2e6ed89b8f25f55cee347b178678651df71083c5132cabc97c2ac11cf469765a8d4a40e1e6a

  • SSDEEP

    98304:9fdMMWNTwsBRL+oNyAJHBcjrNH+mCmDs9JFJ:IQsNHedhsr

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-11-24_e86224a012a5f1b729182f3ee7188313_frostygoop_poet-rat_snatch.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-11-24_e86224a012a5f1b729182f3ee7188313_frostygoop_poet-rat_snatch.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads