ratty | 96cbaba8d3f4e43f1456af0d4ed8f56280f3a716c3819059ffe58308e710f3d7 | Triage

Submit
Reports

Overview

overview

Static

static

9c50e1ae7b...f2.msi

windows7_x64

7

9c50e1ae7b...f2.msi

windows10-2004_x64

8

Sharing

General

Target

9c50e1ae7b75476930888da58db8fdf2.msi
Size

768KB
Sample

220413-kz39rsagem
MD5

9c50e1ae7b75476930888da58db8fdf2
SHA1

c9a60dcefda2a90eecc5b540c4cf277c15c7ab8b
SHA256

96cbaba8d3f4e43f1456af0d4ed8f56280f3a716c3819059ffe58308e710f3d7
SHA512

fa66cb96975408fe6be2d82a9487082e78a8f8a9e55e0089226483a7ebfad6f4282d581977764e69136aa41350eb22dac4d26b585e9efcc3d7748cc8b90e71d3

Score

10^/10

ratty

Static task

static1

Behavioral task

behavioral1

Sample

9c50e1ae7b75476930888da58db8fdf2.msi

Resource

win7-20220331-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9c50e1ae7b75476930888da58db8fdf2.msi

Resource

win10v2004-20220331-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9c50e1ae7b75476930888da58db8fdf2.msi
- Size
  
  768KB
- MD5
  
  9c50e1ae7b75476930888da58db8fdf2
- SHA1
  
  c9a60dcefda2a90eecc5b540c4cf277c15c7ab8b
- SHA256
  
  96cbaba8d3f4e43f1456af0d4ed8f56280f3a716c3819059ffe58308e710f3d7
- SHA512
  
  fa66cb96975408fe6be2d82a9487082e78a8f8a9e55e0089226483a7ebfad6f4282d581977764e69136aa41350eb22dac4d26b585e9efcc3d7748cc8b90e71d3
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy