ratty | 0cdaf2559dc07bc86ee642c3b30405dd65f4fe1254593e1b9591d5c80f179740 | Triage

Submit
Reports

Overview

overview

Static

static

fbyucqj.txt.jar

windows7_x64

1

fbyucqj.txt.jar

windows10_x64

Sharing

General

Target

fbyucqj.txt
Size

332KB
Sample

210703-nr41zpz6yj
MD5

557300cb69793fff9ce90e80d5800db7
SHA1

e4a9df52f70f2ce7eeb4e48f5cfd735836945b48
SHA256

0cdaf2559dc07bc86ee642c3b30405dd65f4fe1254593e1b9591d5c80f179740
SHA512

a484566b445f63dd5ec1a546e8ca2f45c54f4ebf800fb32c039261b3e4816634723b4cd28cc95392dfaddc4ed617e5562fa27b7038bc273a34fdd43aee388c78

Score

10^/10

ratty persistence rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

fbyucqj.txt.jar

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fbyucqj.txt.jar

Resource

win10v20210408

ratty persistence rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  fbyucqj.txt
- Size
  
  332KB
- MD5
  
  557300cb69793fff9ce90e80d5800db7
- SHA1
  
  e4a9df52f70f2ce7eeb4e48f5cfd735836945b48
- SHA256
  
  0cdaf2559dc07bc86ee642c3b30405dd65f4fe1254593e1b9591d5c80f179740
- SHA512
  
  a484566b445f63dd5ec1a546e8ca2f45c54f4ebf800fb32c039261b3e4816634723b4cd28cc95392dfaddc4ed617e5562fa27b7038bc273a34fdd43aee388c78
Score

10^/10

ratty persistence rat trojan
- Ratty
  Ratty is an open source Java Remote Access Tool.
  trojan rat ratty
- Ratty Rat Payload
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

rattypersistencerattrojan

© 2018-2024

Terms | Privacy