General
Target: 2025-01-19_3c44b2e95d7306167dcdd06193a658fd_frostygoop_luca-stealer_poet-rat_snatch
Size: 14.0MB
Sample: 250119-qz8gdazlbx
MD5: 3c44b2e95d7306167dcdd06193a658fd
SHA1: 7fd51f3b87467af904346df82ffcef9460f08a36
SHA256: b3bf6c9f9d8edd2f7e0c2c3823788fb33d4baa97c82c16b9dca14b796d7633dc
SHA512: 2c42a690b064d89b18a2ca6464450903f2f0cc0476798b92384ca19a508a957e5392b15224a57509dec1f9ac9be71807c5336535bc0f2764d312f47bd43074bd
SSDEEP: 196608:5uGI5TRyG+KaRSUdb6Hzgn0zGgBtQQWWwLNALIEJe5Sz0:5qDadMTs0zT4HWwLNF6e5
Static task: static1
Behavioral task: behavioral1
Sample: 2025-01-19_3c44b2e95d7306167dcdd06193a658fd_frostygoop_luca-stealer_poet-rat_snatch.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2025-01-19_3c44b2e95d7306167dcdd06193a658fd_frostygoop_luca-stealer_poet-rat_snatch.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.

MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores 1
Credentials from Web Browsers 1
Unsecured Credentials 2
Credentials In Files 2