laplas | 3ee70db5d16cc166ed1b7837aa0f9a8d658127f8d6a7c47f9be83905bcb0ef21 | Triage

Sharing

General

Target

2025-03-10_328a0b79e659a926f56bcaffe13ff347_frostygoop_poet-rat_sliver_snatch
Size

681.0MB
Sample

250310-yh8d2swmw6
MD5

328a0b79e659a926f56bcaffe13ff347
SHA1

f3aded348268faf23a69e04f1db3c9ff9d66ab22
SHA256

3ee70db5d16cc166ed1b7837aa0f9a8d658127f8d6a7c47f9be83905bcb0ef21
SHA512

9e5ab5bf3c038783681f92373d1acb184bcc7bd4e38275632ce6f92fffa5164dbf2d0f0f8bd035119a1f04db9efd87beec833f8a3949e6314657b242e27eca12
SSDEEP

12582912:KXRs1wQfQaEYPxk39eCSiQzVkVZ1F/4I4U7U2NSKT+aGPHkHHgfshdB:2ZZYPY9ehc1F/74QJgGxdB

Score

10^/10

laplas discovery

Malware Config

Targets

- Target
  
  2025-03-10_328a0b79e659a926f56bcaffe13ff347_frostygoop_poet-rat_sliver_snatch
- Size
  
  681.0MB
- MD5
  
  328a0b79e659a926f56bcaffe13ff347
- SHA1
  
  f3aded348268faf23a69e04f1db3c9ff9d66ab22
- SHA256
  
  3ee70db5d16cc166ed1b7837aa0f9a8d658127f8d6a7c47f9be83905bcb0ef21
- SHA512
  
  9e5ab5bf3c038783681f92373d1acb184bcc7bd4e38275632ce6f92fffa5164dbf2d0f0f8bd035119a1f04db9efd87beec833f8a3949e6314657b242e27eca12
- SSDEEP
  
  12582912:KXRs1wQfQaEYPxk39eCSiQzVkVZ1F/4I4U7U2NSKT+aGPHkHHgfshdB:2ZZYPY9ehc1F/74QJgGxdB
Score

7^/10

discovery
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2