General

  • Target

    2025-01-19_3c44b2e95d7306167dcdd06193a658fd_frostygoop_luca-stealer_poet-rat_snatch

  • Size

    14.0MB

  • Sample

    250119-qz8gdazlbx

  • MD5

    3c44b2e95d7306167dcdd06193a658fd

  • SHA1

    7fd51f3b87467af904346df82ffcef9460f08a36

  • SHA256

    b3bf6c9f9d8edd2f7e0c2c3823788fb33d4baa97c82c16b9dca14b796d7633dc

  • SHA512

    2c42a690b064d89b18a2ca6464450903f2f0cc0476798b92384ca19a508a957e5392b15224a57509dec1f9ac9be71807c5336535bc0f2764d312f47bd43074bd

  • SSDEEP

    196608:5uGI5TRyG+KaRSUdb6Hzgn0zGgBtQQWWwLNALIEJe5Sz0:5qDadMTs0zT4HWwLNF6e5

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, and infostealers often target that stored data.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Obfuscated Files or Information: Command Obfuscation

      Adversaries may obfuscate content during command execution to impede detection.