Analysis
-
max time kernel
103s -
max time network
119s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
13/04/2025, 21:30
General
-
Target
2025-04-13_920172daf6afc87ca682309c52b7422d_cobalt-strike_elex_poet-rat_sliver_snatch.exe
-
Size
6.8MB
-
MD5
920172daf6afc87ca682309c52b7422d
-
SHA1
d121c7e7d8669fd783450c74955e485c6e4ac3f0
-
SHA256
0ccea1afcaac1eb607b8d5aac443204e2064fc010bed1ba1c16359aeaa263a2d
-
SHA512
bad3be68bed713cf26ac75b2d199352d8f8f56dfe6413c82386b9b821dda4d418aa3e837d2140f1f180b5d8ce36acfc5ad83f9e6f0c5aabe03d58e62658ff776
-
SSDEEP
98304:IN11Rv3nMgukgZojT2UlIT5i3XXvSEXh51YcyDgIE:IN1nMvD5i3XFN7IE
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2025-04-13_920172daf6afc87ca682309c52b7422d_cobalt-strike_elex_poet-rat_sliver_snatch.exe"C:\Users\Admin\AppData\Local\Temp\2025-04-13_920172daf6afc87ca682309c52b7422d_cobalt-strike_elex_poet-rat_sliver_snatch.exe"1⤵
- System Location Discovery: System Language Discovery