General

  • Target

    PTIN_REPORT_PDF.zip

  • Size

    749KB

  • Sample

    220112-pp2qeacfbn

  • MD5

    9d6855c9a1ec17a1807821427e4001f9

  • SHA1

    bda1eb00a3a00d3b5656387d53b2600a667fe74e

  • SHA256

    60c90ef07a0e1ebc66e2181c045f809102b923f4e3fe8b95bb55283946bdf41e

  • SHA512

    3a9824c65d65c2fe8fb03b4c998884bc86e55c12ace7c15c5ae63a6763a2bbb683637a3723274d7f2262a33594ad36118d1f2adfba19c206e27adac76a53fee9

Targets

    • Target

      PTIN_REPORT_PDF.jar

    • Size

      762KB

    • MD5

      9b44489684b9ef4df0b970dffa380633

    • SHA1

      48cd4e922f8d7f322882e0b60c042eadb9129730

    • SHA256

      c90b1e65448a622b814946ba136152c0eb47187e477f4c8b0fd61a234d9b5b8e

    • SHA512

      3ee12621496e441e38ed94fc9421544942307b2b07882481c52d1618031ee6e4f65ea0e71205d02ad635855b9e9eafcccef0a7e1a5ebaa7e17d1c6c511a9c650

    • Ratty

      Ratty is an open source Java Remote Access Tool.

    • Ratty Rat Payload

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
