ratty | 0038c99f2a5285acd2d4ed02c9a444b93c01e8e632b995cf30103e2e4f067329 | Triage

Submit
Reports

Overview

overview

Static

static

0038c99f2a...29.msi

windows10-2004-x64

8

Sharing

General

Target

0038c99f2a5285acd2d4ed02c9a444b93c01e8e632b995cf30103e2e4f067329.msi
Size

730KB
Sample

230101-yfnlvsff9z
MD5

8f07ea738d1c69b74fac16cabe39e858
SHA1

2a4c4e73106b0dcb87fbfc4a14426e72e0c368b6
SHA256

0038c99f2a5285acd2d4ed02c9a444b93c01e8e632b995cf30103e2e4f067329
SHA512

db3a5884f0c71923ff5aee2e4341d495cd863f68894bab5a8d7426c31e53f2362bc55ec74da76c065e54625f5eb9e3ba07fcb040d3320771a44da6eed34fab66
SSDEEP

12288:GGpswznMosyIa3FZjiazH1BpQc2Yf4U4oXMf6p2XHJZNNNh:GGOw7MAFZjiaZBuc2g4jocf6p2XHXNNr

Score

10^/10

ratty

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0038c99f2a5285acd2d4ed02c9a444b93c01e8e632b995cf30103e2e4f067329.msi

Resource

win10v2004-20221111-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  0038c99f2a5285acd2d4ed02c9a444b93c01e8e632b995cf30103e2e4f067329.msi
- Size
  
  730KB
- MD5
  
  8f07ea738d1c69b74fac16cabe39e858
- SHA1
  
  2a4c4e73106b0dcb87fbfc4a14426e72e0c368b6
- SHA256
  
  0038c99f2a5285acd2d4ed02c9a444b93c01e8e632b995cf30103e2e4f067329
- SHA512
  
  db3a5884f0c71923ff5aee2e4341d495cd863f68894bab5a8d7426c31e53f2362bc55ec74da76c065e54625f5eb9e3ba07fcb040d3320771a44da6eed34fab66
- SSDEEP
  
  12288:GGpswznMosyIa3FZjiazH1BpQc2Yf4U4oXMf6p2XHJZNNNh:GGOw7MAFZjiaZBuc2g4jocf6p2XHXNNr
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy