ratty | da37e5da9af1c2a21720b0000b2615f082913d42fd835ef95227297a99cf2872 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...03.msi

windows7_x64

6

SecuriteIn...03.msi

windows10_x64

8

Sharing

General

Target

SecuriteInfo.com.Java.Ratty.2.30276.27803
Size

382KB
Sample

201109-epytkrrh9a
MD5

6772d78a5fa486484815dc766db86f45
SHA1

e46fafe80f104d63731370f770c94bf2f7c29a13
SHA256

da37e5da9af1c2a21720b0000b2615f082913d42fd835ef95227297a99cf2872
SHA512

acfa77f7fd88fa31adc7e5de43eb5042395846fa63fa46d844e3508862c79e10dbf268894af5f8a50a700730639f3cb819f1f1065a9d1068918fa6324748aef2

Score

10^/10

ratty persistence

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Java.Ratty.2.30276.27803.msi

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Java.Ratty.2.30276.27803.msi

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Java.Ratty.2.30276.27803
- Size
  
  382KB
- MD5
  
  6772d78a5fa486484815dc766db86f45
- SHA1
  
  e46fafe80f104d63731370f770c94bf2f7c29a13
- SHA256
  
  da37e5da9af1c2a21720b0000b2615f082913d42fd835ef95227297a99cf2872
- SHA512
  
  acfa77f7fd88fa31adc7e5de43eb5042395846fa63fa46d844e3508862c79e10dbf268894af5f8a50a700730639f3cb819f1f1065a9d1068918fa6324748aef2
Score

8^/10

persistence
- Blacklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy