Overview

overview

10

Static

static

10

8b96aef360...1f.msi

windows7_x64

8

8b96aef360...1f.msi

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8b96aef3600697f94165242dc424cd98d12a68911a959021b161ba9c8500ca1f

  • Size

    382KB

  • Sample

    220201-fvq2eshge2

  • MD5

    40cd765c69ec60012bf6b4213aa35d76

  • SHA1

    8c1fe03096e612864e3300531430655316aac51a

  • SHA256

    8b96aef3600697f94165242dc424cd98d12a68911a959021b161ba9c8500ca1f

  • SHA512

    c2e3185345785c06848ca1d23ecd662749a4786b84259f421ad580bbc1a50b1d3941a11f48dd4dffec37c9b62607ef01ce99d05901aa1965a046db128c158d41

Score
10/10
rattypersistence

Malware Config

Targets

    • Target

      8b96aef3600697f94165242dc424cd98d12a68911a959021b161ba9c8500ca1f

    • Size

      382KB

    • MD5

      40cd765c69ec60012bf6b4213aa35d76

    • SHA1

      8c1fe03096e612864e3300531430655316aac51a

    • SHA256

      8b96aef3600697f94165242dc424cd98d12a68911a959021b161ba9c8500ca1f

    • SHA512

      c2e3185345785c06848ca1d23ecd662749a4786b84259f421ad580bbc1a50b1d3941a11f48dd4dffec37c9b62607ef01ce99d05901aa1965a046db128c158d41

    Score
    8/10
    persistence

    • Blocklisted process makes network request

    • Sets service image path in registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks