Spotting SparkRAT: Detection Tactics & Sandbox Findings
Tags
| country: | Poland |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Remote Access Tools - T1219 |
Common Information
| Type | Value |
|---|---|
| UUID | 0d69954b-a126-4e1b-9eb4-3a5e1f2758fa |
| Fingerprint | 3714987f623eed93 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 3, 2024, midnight |
| Added to db | Oct. 9, 2024, 8:27 p.m. |
| Last updated | Nov. 14, 2024, 4:12 p.m. |
| Headline | Spotting SparkRAT: Detection Tactics & Sandbox Findings |
| Title | Spotting SparkRAT: Detection Tactics & Sandbox Findings |
| Detected Hints/Tags/Attributes | 39/2/13 |
Source URLs
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | hunt.io | hunt.io |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 57 | hunt.io |
|
| Details | File | 1 | 3261cbac9f0ad69dd805bfd875eb0161.exe |
|
| Details | File | 61 | 1.bat |
|
| Details | File | 7 | work.exe |
|
| Details | File | 10 | iox.exe |
|
| Details | File | 1 | hesf.exe |
|
| Details | md5 | 1 | 3261cbac9f0ad69dd805bfd875eb0161 |
|
| Details | md5 | 2 | 0095c9d4bc45fed4080e72bd46876efd |
|
| Details | md5 | 2 | 8f2df5c6cec499f65168fae5318dc572 |
|
| Details | sha1 | 1 | 3471247cffded4259b12593cce644c7c9470a4d2 |
|
| Details | sha1 | 1 | 316fa09f467ba90ac34a054daf2e92e6e2854ff8 |
|
| Details | sha1 | 1 | 4d30a84eda510596e528a7adbac23148618d5a62 |
|
| Details | IPv4 | 1 | 95.164.0.23 |