laplas | 82f55f828618106ecd9f1c44acde2f0eefd566d50edcddb1f5782d1af84846c0 | Triage

Sharing

General

Target

2025-03-14_f154e49cf53a5f16e94fa24b96307efd_frostygoop_gcleaner_poet-rat_sliver_snatch
Size

647.4MB
Sample

250314-bf6fcazqx8
MD5

f154e49cf53a5f16e94fa24b96307efd
SHA1

e889ddd87a48590db240f532ec083325df42dd27
SHA256

82f55f828618106ecd9f1c44acde2f0eefd566d50edcddb1f5782d1af84846c0
SHA512

d0e1e2ff2051fc00d8a89b35e9ba494e1ae582774cc1d3907b827b0b0832c288b87767dde371a280a6fd2d7b2049ea4c01cce4cc79e058f8c87d10cabcf67bc1
SSDEEP

12582912:Yd3gqIRuCRP7l2YW2gc+wvB0KysQOIcOnv7sWcJYR8i9iu4laWMquR0:UIwCpEB2gCvBgsUcVWcg8hnbm0

Score

10^/10

laplas discovery

Malware Config

Targets

- Target
  
  2025-03-14_f154e49cf53a5f16e94fa24b96307efd_frostygoop_gcleaner_poet-rat_sliver_snatch
- Size
  
  647.4MB
- MD5
  
  f154e49cf53a5f16e94fa24b96307efd
- SHA1
  
  e889ddd87a48590db240f532ec083325df42dd27
- SHA256
  
  82f55f828618106ecd9f1c44acde2f0eefd566d50edcddb1f5782d1af84846c0
- SHA512
  
  d0e1e2ff2051fc00d8a89b35e9ba494e1ae582774cc1d3907b827b0b0832c288b87767dde371a280a6fd2d7b2049ea4c01cce4cc79e058f8c87d10cabcf67bc1
- SSDEEP
  
  12582912:Yd3gqIRuCRP7l2YW2gc+wvB0KysQOIcOnv7sWcJYR8i9iu4laWMquR0:UIwCpEB2gCvBgsUcVWcg8hnbm0
Score

7^/10

discovery
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2