6710fd52a418adfb6338960abe79ea7793b15aba5c241776a10ea5d17c397cf3 | Triage

Sharing

General

Target

2025-02-18_cc3b458540136770be5d5775f0d44f66_poet-rat_snatch
Size

12.9MB
Sample

250218-krc3lsyqer
MD5

cc3b458540136770be5d5775f0d44f66
SHA1

6253d690cf1aeef7cf0d14395e82ddb347dd5bc6
SHA256

6710fd52a418adfb6338960abe79ea7793b15aba5c241776a10ea5d17c397cf3
SHA512

200493457cf0dd0487514b0d9d344771889a38a88812c606ba5246d1676cdc15d70791e81ef9ba9cb00713f49c7ac0433c7f712d1093ddb7e27001ed08122c67
SSDEEP

196608:I+D5q1SGs2yRwtkpqShRBhR3hREhRFhRVhRihRrhRihREhR3:DAkLRLRxRYRHRXRGR9RGRYR3

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2025-02-18_cc3b458540136770be5d5775f0d44f66_poet-rat_snatch
- Size
  
  12.9MB
- MD5
  
  cc3b458540136770be5d5775f0d44f66
- SHA1
  
  6253d690cf1aeef7cf0d14395e82ddb347dd5bc6
- SHA256
  
  6710fd52a418adfb6338960abe79ea7793b15aba5c241776a10ea5d17c397cf3
- SHA512
  
  200493457cf0dd0487514b0d9d344771889a38a88812c606ba5246d1676cdc15d70791e81ef9ba9cb00713f49c7ac0433c7f712d1093ddb7e27001ed08122c67
- SSDEEP
  
  196608:I+D5q1SGs2yRwtkpqShRBhR3hREhRFhRVhRihRrhRihREhR3:DAkLRLRxRYRHRXRGR9RGRYR3
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2