4e2cc5a128e810bff607d9387cde16624c6188c0b8206668f99aa95659783122 | Triage

Sharing

General

Target

2025-02-18_065a35ee72de722e6c34bf2895982311_poet-rat_snatch
Size

13.5MB
Sample

250218-j98fssypgq
MD5

065a35ee72de722e6c34bf2895982311
SHA1

a35cb06ce4a6c914a6c1c60a9e1ca7dabe464241
SHA256

4e2cc5a128e810bff607d9387cde16624c6188c0b8206668f99aa95659783122
SHA512

38f8982c85f43c07afeadb1c572c21e74f7017197955d26528e5425f8f8070090ed3ea3624fc30d2e2de0d00d93aa9c09fa33704d1dc099ed85c6ffa0caada6b
SSDEEP

196608:I+D5q1SGs2yRwtkpqShRBhR3hREhRQhRShRPhR+hRbhR9hRuhRz:DAkLRLRxRYRMR2RZRaRtRPRKRz

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2025-02-18_065a35ee72de722e6c34bf2895982311_poet-rat_snatch
- Size
  
  13.5MB
- MD5
  
  065a35ee72de722e6c34bf2895982311
- SHA1
  
  a35cb06ce4a6c914a6c1c60a9e1ca7dabe464241
- SHA256
  
  4e2cc5a128e810bff607d9387cde16624c6188c0b8206668f99aa95659783122
- SHA512
  
  38f8982c85f43c07afeadb1c572c21e74f7017197955d26528e5425f8f8070090ed3ea3624fc30d2e2de0d00d93aa9c09fa33704d1dc099ed85c6ffa0caada6b
- SSDEEP
  
  196608:I+D5q1SGs2yRwtkpqShRBhR3hREhRQhRShRPhR+hRbhR9hRuhRz:DAkLRLRxRYRMR2RZRaRtRPRKRz
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2