ratty | New[.]Shipment[.]Delivery[.]jar | Triage

Sharing

General

Target

New.Shipment.Delivery.jar
Size

967KB
MD5

fa8118a9fa20a17018cb2f60fd28a5b7
SHA1

548b525309b3746b808c4645f7a727af2dc1ec0c
SHA256

a2e6fae445f2fc021874a54a9525a0a35004e25c6df1a8648eb602868de1b8e9
SHA512

b2c61459013ab978e12ac7c3ba1a39396d06917b85dfd2c5997ddddf2b78eee43032355223afe2a52b07de296af27dc7c2497de05e28b215992bb21f7c441d70

Score

10^/10

macro ratty

Malware Config

Signatures

Ratty Rat Payload 1 IoCs

Processes:

resource yara_rule

sample family_ratty
Ratty family
ratty
Detect jar appended to MSI 1 IoCs

Processes:

resource yara_rule

sample jar_in_msi
Suspicious Office macro 1 IoCs
Office document equipped with 4.0 macros.
macro

Processes:

resource yara_rule

sample office_xlm_macros
JavaScript code in executable 1 IoCs

Processes:

resource yara_rule

sample js

Files

New.Shipment.Delivery.jar
.msi