Overview

overview

10

Static

static

10

PTIN_REPORT_PDF.jar

windows7_x64

1

PTIN_REPORT_PDF.jar

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PTIN_REPORT_PDF.jar

  • Size

    762KB

  • Sample

    220112-pp2qeacfbm

  • MD5

    9b44489684b9ef4df0b970dffa380633

  • SHA1

    48cd4e922f8d7f322882e0b60c042eadb9129730

  • SHA256

    c90b1e65448a622b814946ba136152c0eb47187e477f4c8b0fd61a234d9b5b8e

  • SHA512

    3ee12621496e441e38ed94fc9421544942307b2b07882481c52d1618031ee6e4f65ea0e71205d02ad635855b9e9eafcccef0a7e1a5ebaa7e17d1c6c511a9c650

Score
10/10
rattypersistencerattrojan

Malware Config

Targets

    • Target

      PTIN_REPORT_PDF.jar

    • Size

      762KB

    • MD5

      9b44489684b9ef4df0b970dffa380633

    • SHA1

      48cd4e922f8d7f322882e0b60c042eadb9129730

    • SHA256

      c90b1e65448a622b814946ba136152c0eb47187e477f4c8b0fd61a234d9b5b8e

    • SHA512

      3ee12621496e441e38ed94fc9421544942307b2b07882481c52d1618031ee6e4f65ea0e71205d02ad635855b9e9eafcccef0a7e1a5ebaa7e17d1c6c511a9c650

    Score
    10/10
    rattypersistencerattrojan

    • Ratty

      Ratty is an open source Java Remote Access Tool.

      trojanratratty

    • Ratty Rat Payload

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks