General
Target: 2024-12-21_4a41b51ad45e7afe2361a0e6a2767ead_frostygoop_poet-rat_snatch
Size: 5.2MB
Sample: 241221-kfrrmawqaw
MD5: 4a41b51ad45e7afe2361a0e6a2767ead
SHA1: 9039ebdb8436cb16b4e05d76528cffb09ed2818d
SHA256: a5b080b113b0e13d9ceb14e8a542473d36e33c4bee8c90dd98edb666eaede9f6
SHA512: 8f4dff537209e28f7dec4928fd73610bf5155046d2864c55b44ba70a9c4ad57e15905b705ecd4018203b412100cfa2e62fcbadd7e87478bc8b0c19f645adf645
SSDEEP: 49152:f37SamZxElS+RgCSnA9Z7zuwNWwbY0HZzMOhy5jT5iYpeF+SVVOs5phn5Qvx1m:frSZDs6lA9FawpzClUl5pV
Static task: static1
Behavioral task: behavioral1
Sample: 2024-12-21_4a41b51ad45e7afe2361a0e6a2767ead_frostygoop_poet-rat_snatch.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-12-21_4a41b51ad45e7afe2361a0e6a2767ead_frostygoop_poet-rat_snatch.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2024-12-21_4a41b51ad45e7afe2361a0e6a2767ead_frostygoop_poet-rat_snatch
Score: 10/10
Detect Vidar Stealer
Vidar family
Unsecured Credentials: Credentials In Files. Steal credentials from unsecured files.
Suspicious use of SetThreadContext