b6c9a4982319f8fa09efbba78ca2a296c7b33e829a943f5fa650245c309f5e0a

Analysis

max time kernel
104s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
16/03/2025, 07:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2025-03-16_0315e15637439c345cc20eaff1a0ab57_poet-rat_sliver_snatch.exe
Size

13.0MB
MD5

0315e15637439c345cc20eaff1a0ab57
SHA1

eac57be3ec841c770de1d840a8f1da6c4f8cea56
SHA256

b6c9a4982319f8fa09efbba78ca2a296c7b33e829a943f5fa650245c309f5e0a
SHA512

e327d4fa2845d4b683b2d249977dbe4e97795a17f8001a1fc1e4f7bc4f63288b253b25a1cd264ac776c06c2762b4c865fd0f2c62343c60ae4d6f098842fe23fc
SSDEEP

196608:GKouOB/7eXB94InJrRx/2Xh0cGf7kz6bIHEvTVPEBBJsu:zIYB9trWh0BOabVPmsu

Score

1^/10

Malware Config

Signatures

GoLang User-Agent 51 IoCs

Uses default user-agent string defined by GoLang HTTP packages.

description	flow	ioc
HTTP User-Agent header	57	Go-http-client/1.1
HTTP User-Agent header	68	Go-http-client/1.1
HTTP User-Agent header	2	Go-http-client/1.1
HTTP User-Agent header	3	Go-http-client/1.1
HTTP User-Agent header	9	Go-http-client/1.1
HTTP User-Agent header	54	Go-http-client/1.1
HTTP User-Agent header	63	Go-http-client/1.1
HTTP User-Agent header	69	Go-http-client/1.1
HTTP User-Agent header	81	Go-http-client/1.1
HTTP User-Agent header	58	Go-http-client/1.1
HTTP User-Agent header	59	Go-http-client/1.1
HTTP User-Agent header	62	Go-http-client/1.1
HTTP User-Agent header	72	Go-http-client/1.1
HTTP User-Agent header	75	Go-http-client/1.1
HTTP User-Agent header	83	Go-http-client/1.1
HTTP User-Agent header	85	Go-http-client/1.1
HTTP User-Agent header	86	Go-http-client/1.1
HTTP User-Agent header	16	Go-http-client/1.1
HTTP User-Agent header	19	Go-http-client/1.1
HTTP User-Agent header	45	Go-http-client/1.1
HTTP User-Agent header	60	Go-http-client/1.1
HTTP User-Agent header	89	Go-http-client/1.1
HTTP User-Agent header	13	Go-http-client/1.1
HTTP User-Agent header	43	Go-http-client/1.1
HTTP User-Agent header	64	Go-http-client/1.1
HTTP User-Agent header	65	Go-http-client/1.1
HTTP User-Agent header	71	Go-http-client/1.1
HTTP User-Agent header	74	Go-http-client/1.1
HTTP User-Agent header	17	Go-http-client/1.1
HTTP User-Agent header	56	Go-http-client/1.1
HTTP User-Agent header	73	Go-http-client/1.1
HTTP User-Agent header	76	Go-http-client/1.1
HTTP User-Agent header	82	Go-http-client/1.1
HTTP User-Agent header	7	Go-http-client/1.1
HTTP User-Agent header	8	Go-http-client/1.1
HTTP User-Agent header	12	Go-http-client/1.1
HTTP User-Agent header	44	Go-http-client/1.1
HTTP User-Agent header	48	Go-http-client/1.1
HTTP User-Agent header	88	Go-http-client/1.1
HTTP User-Agent header	18	Go-http-client/1.1
HTTP User-Agent header	61	Go-http-client/1.1
HTTP User-Agent header	67	Go-http-client/1.1
HTTP User-Agent header	70	Go-http-client/1.1
HTTP User-Agent header	77	Go-http-client/1.1
HTTP User-Agent header	78	Go-http-client/1.1
HTTP User-Agent header	84	Go-http-client/1.1
HTTP User-Agent header	87	Go-http-client/1.1
HTTP User-Agent header	6	Go-http-client/1.1
HTTP User-Agent header	46	Go-http-client/1.1
HTTP User-Agent header	47	Go-http-client/1.1
HTTP User-Agent header	55	Go-http-client/1.1

C:\Users\Admin\AppData\Local\Temp\2025-03-16_0315e15637439c345cc20eaff1a0ab57_poet-rat_sliver_snatch.exe
"C:\Users\Admin\AppData\Local\Temp\2025-03-16_0315e15637439c345cc20eaff1a0ab57_poet-rat_sliver_snatch.exe"
1⤵
PID:3056

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads