Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
10-12-2024 14:23
General
-
Target
2024-12-10_4c5d8c41a4dea5e0820532afa2e43548_cobalt-strike_cobaltstrike_poet-rat_snatch.exe
-
Size
5.0MB
-
MD5
4c5d8c41a4dea5e0820532afa2e43548
-
SHA1
ed4a39a5e13a503fe14e125bfd0c3ad178aef7cb
-
SHA256
742865dfb1b7edaa0889ece7cf9c16dc21075761ac4c56e6091158534b9bfc5c
-
SHA512
5a732d078f1393c1b0abbf95c1996c620fa75901f1b35934c18edc95db56d906e833e3dd9287b0e34d7620d6933973217c1ddddb85e046893b2e239985c65d60
-
SSDEEP
49152:r56uL3pgrCEdMKPFotsgEBr6GjvzW+UBA3Gd7po52xWKQY2v2V6liK1uOCeXvpnU:r56utgpPFotBER/mQ32lUu
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-12-10_4c5d8c41a4dea5e0820532afa2e43548_cobalt-strike_cobaltstrike_poet-rat_snatch.exe"C:\Users\Admin\AppData\Local\Temp\2024-12-10_4c5d8c41a4dea5e0820532afa2e43548_cobalt-strike_cobaltstrike_poet-rat_snatch.exe"1⤵
- System Location Discovery: System Language Discovery