General

  • Target

    2025-01-19_221e8480232231d1b3da1ffc132f2744_frostygoop_luca-stealer_poet-rat_snatch

  • Size

    9.3MB

  • Sample

    250119-qzpdhazrcn

  • MD5

    221e8480232231d1b3da1ffc132f2744

  • SHA1

    bd742e989bbe1213cd39dad4e7e54fc462713398

  • SHA256

    4f0a68180f7d5a495d0adeb0a43986b7da26411e30557d524b2f2a03126451c1

  • SHA512

    2425b059eeaec3eb49719c687bb62b32fe5f6d5bb3fc24ce4d949393c6248a05cd37ee518cfe78de1a011950805ce45cc347c9d5a057ecf2e2b45e131f1d96ef

  • SSDEEP

    98304:5/MccOfweBnTwTvyFWZcVfTiXEAfXUclZsW6/:5DRwTvyUZcVfOUKb6/

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Obfuscated Files or Information: Command Obfuscation

      Adversaries may obfuscate content during command execution to impede detection.

MITRE ATT&CK Enterprise v15
