Analysis
-
max time kernel
94s -
max time network
128s -
platform
windows10-2004_x64 -
resource
win10v2004-20250410-en -
resource tags
-
submitted
14/04/2025, 20:04
General
-
Target
2025-04-14_d9b67dddafafc4d1d64d1e336992efb2_cobalt-strike_elex_poet-rat_sliver_snatch.exe
-
Size
6.8MB
-
MD5
d9b67dddafafc4d1d64d1e336992efb2
-
SHA1
83b1012ff21d1406d44192aa6fb28b0356bf02ff
-
SHA256
4e2ba4658b81ffea4fb8306abce6004e949b9f9cd0bf53a772dbf23963b7216e
-
SHA512
29bf6d5160ea618e47cd4cccf5a53d79cf54a4109afe591c25bff5e25cfae72ebc739f3d486d66a27dfade1b176ff0de877214c86b6dc6daac919451f2ddc753
-
SSDEEP
98304:IN11Rv3nMgukgZojT2UlIT5i3XXvSEXh51YcyDgI9:IN1nMvD5i3XFN7I9
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2025-04-14_d9b67dddafafc4d1d64d1e336992efb2_cobalt-strike_elex_poet-rat_sliver_snatch.exe"C:\Users\Admin\AppData\Local\Temp\2025-04-14_d9b67dddafafc4d1d64d1e336992efb2_cobalt-strike_elex_poet-rat_sliver_snatch.exe"1⤵
- System Location Discovery: System Language Discovery