laplas | 626c3199d139fbd3b2d56e67ab5aa21a87c4796c14f2c434d5afd78b8c0adf73 | Triage

Sharing

General

Target

2024-12-17_3d9729705bc8fe0e100c96d03b4891df_frostygoop_poet-rat_sliver_snatch
Size

600.1MB
Sample

241217-b6g6fawpdz
MD5

3d9729705bc8fe0e100c96d03b4891df
SHA1

9b59b630ac39de92c3ef592bdcde8b0703953b33
SHA256

626c3199d139fbd3b2d56e67ab5aa21a87c4796c14f2c434d5afd78b8c0adf73
SHA512

3c71480e02327cd2051a80690dfae22d7c3c83f543d2bd14874004d95373317e69d4a051bff35deaa881a6f959b144db0932330a7bee5afd7288d265a7ef0965
SSDEEP

12582912:RJVj5uX9Wx79hP0ALAEncYkTZ/ee4P87coh+rh+K3dq:EA5cYkTZ/kPpomh+sdq

Score

10^/10

laplas discovery

Malware Config

Targets

- Target
  
  2024-12-17_3d9729705bc8fe0e100c96d03b4891df_frostygoop_poet-rat_sliver_snatch
- Size
  
  600.1MB
- MD5
  
  3d9729705bc8fe0e100c96d03b4891df
- SHA1
  
  9b59b630ac39de92c3ef592bdcde8b0703953b33
- SHA256
  
  626c3199d139fbd3b2d56e67ab5aa21a87c4796c14f2c434d5afd78b8c0adf73
- SHA512
  
  3c71480e02327cd2051a80690dfae22d7c3c83f543d2bd14874004d95373317e69d4a051bff35deaa881a6f959b144db0932330a7bee5afd7288d265a7ef0965
- SSDEEP
  
  12582912:RJVj5uX9Wx79hP0ALAEncYkTZ/ee4P87coh+rh+K3dq:EA5cYkTZ/kPpomh+sdq
Score

7^/10

discovery
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2