Analysis Overview
SHA256
7305813c068b2cb19783e00566b60ad3e315963ae7b24f448173c34e101742cd
Threat Level: No (potentially) malicious behavior was detected
The file 2025-07-02_ca656bc9c141df04a1c4f59d7e27167b_dosia_frostygoop_ghostlocker_knight_luca-stealer_poet-rat_quasar-rat_sliver_snatch was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2025-07-02 18:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-07-02 18:51
Reported
2025-07-02 18:54
Platform
win10v2004-20250610-en
Max time kernel
102s
Max time network
139s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\2025-07-02_ca656bc9c141df04a1c4f59d7e27167b_dosia_frostygoop_ghostlocker_knight_luca-stealer_poet-ra.exe
"C:\Users\Admin\AppData\Local\Temp\2025-07-02_ca656bc9c141df04a1c4f59d7e27167b_dosia_frostygoop_ghostlocker_knight_luca-stealer_poet-ra.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.179.227:80 | c.pki.goog | tcp |