9b196fbb21db4cb0ad5a50b2474ef5bbf4ab0aa1873df3726a5e5ce06ecaebfe | Triage

Sharing

General

Target

2025-03-13_55b0e64a210514dac1cce67b57998634_poet-rat_sliver_snatch
Size

9.9MB
Sample

250313-p1lhkaszev
MD5

55b0e64a210514dac1cce67b57998634
SHA1

efee4b13c261dd9c8a721045f8893baf47ccffb0
SHA256

9b196fbb21db4cb0ad5a50b2474ef5bbf4ab0aa1873df3726a5e5ce06ecaebfe
SHA512

f76ef75f387b854d95a3e75831ff1bd1fefb4bd4051d1b7e8b7de39389df3e6a764c8a3c7b2a631f2d0c761e34e979cc0fef852a4703b7b6fb7b2d541a8e5c7d
SSDEEP

196608:I+D5q1SGs2yRwtkpqShRBhR3hRbhRJhR8hRd:DAkLRLRxRtRDRgRd

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2025-03-13_55b0e64a210514dac1cce67b57998634_poet-rat_sliver_snatch
- Size
  
  9.9MB
- MD5
  
  55b0e64a210514dac1cce67b57998634
- SHA1
  
  efee4b13c261dd9c8a721045f8893baf47ccffb0
- SHA256
  
  9b196fbb21db4cb0ad5a50b2474ef5bbf4ab0aa1873df3726a5e5ce06ecaebfe
- SHA512
  
  f76ef75f387b854d95a3e75831ff1bd1fefb4bd4051d1b7e8b7de39389df3e6a764c8a3c7b2a631f2d0c761e34e979cc0fef852a4703b7b6fb7b2d541a8e5c7d
- SSDEEP
  
  196608:I+D5q1SGs2yRwtkpqShRBhR3hRbhRJhR8hRd:DAkLRLRxRtRDRgRd
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2