Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | 388b1715664b6afd12bfb0b607d93b96 |
| Sha1 | c2ea41c9f92f97186d9c391b1e2486a15c7e2cd3 |
| Sha256 | 25b4c47018a01e5fd0f22bd3a0a0b4462214de17ad7597a04d0185344781cf53 |
| Sha384 | f31cb6d6e24cd0cae92af3c22edbe2bc0bea960766f47f499c3e70ea07f589ab007aa39b6638dd73b8cfb5433aa29ccd |
| Sha512 | a4ce3b277a6148281fe3e55fec9472234a64c4eaab91ce5f318e0996ef3d8ac104c5acd88452370c2a964746a90259b417724ec163e27ae2c145acd41e0cf31d |
| SSDeep | 98304:/I/Zh6Ocddh11pYrX6EqnZEwMkg53BVpz5x:/Ibcpjp0/qZZmV95x |
| TLSH | 30E5335B3219606FC32B2EEC5C559F68E17FC5A3A1354EB2EB0761E9D0F3420276292D |
File Structure
2025-02-05_99b271b7177504f779a2fdc07ce4ec15_frostygoop_poet-rat_snatch_password_infected.zip
Malicious
info.txt
99b271b7177504f779a2fdc07ce4ec15
Malicious
[Base64-Block@0x003E6566]
[Base64-Block-Decoded]
[Base64-Block@0x003E9133]
[Base64-Block-Decoded]
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.idata
.reloc
.symtab
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
RT_GROUP_CURSOR4
ID:0000
ID:1033
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0001
ID:1033
2025-02-05_99b271b7177504f779a2fdc07ce4ec15_frostygoop_poet-rat_snatch_password_infected.zip (3.19 MB)
Characteristics
No malware configuration was found at this point.