ratty | 1e6a10285e26e0e09b0c7871069514e51b3ff5b70a3e1462dd4c4465ea92d05c | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...57.msi

windows7_x64

7

SecuriteIn...57.msi

windows10_x64

8

Sharing

General

Target

SecuriteInfo.com.Java.Ratty.2.7240.27857
Size

967KB
Sample

201109-w61sp2mqe6
MD5

baf22cec89fe346b6811157fa3c7ea94
SHA1

8de2ff5457647978af1f67c8410c09a7b2877501
SHA256

1e6a10285e26e0e09b0c7871069514e51b3ff5b70a3e1462dd4c4465ea92d05c
SHA512

33c4131c52c0cce738de925cd551c5ce306d50ed2c3e169f54a7778461e749bd7134bbd3b9c1e88fc34f13ce06da45b0ff3f3dda826e45705b0706a10c9f09b2

Score

10^/10

ratty persistence

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Java.Ratty.2.7240.27857.msi

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Java.Ratty.2.7240.27857.msi

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Java.Ratty.2.7240.27857
- Size
  
  967KB
- MD5
  
  baf22cec89fe346b6811157fa3c7ea94
- SHA1
  
  8de2ff5457647978af1f67c8410c09a7b2877501
- SHA256
  
  1e6a10285e26e0e09b0c7871069514e51b3ff5b70a3e1462dd4c4465ea92d05c
- SHA512
  
  33c4131c52c0cce738de925cd551c5ce306d50ed2c3e169f54a7778461e749bd7134bbd3b9c1e88fc34f13ce06da45b0ff3f3dda826e45705b0706a10c9f09b2
Score

8^/10

persistence
- Blacklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy