General

  • Target

    TtLKCmS8n3wRTRqRrg8OlGpeMtMPynkRI7vzBDvv7E4.bin

  • Size

    764KB

  • Sample

    230109-v887gsae2x

  • MD5

    de926a705c02c29aec3a34162c76fa0b

  • SHA1

    ce830780086bf326e2d62a7d59d37349f32f0ba3

  • SHA256

    4ed2ca0a64bc9f7c114d1a91ae0f0e946a5e32d30fca791123bbf3043befec4e

  • SHA512

    02a776c4040e72def12c5c1b588153693a89ccf583ebf4bcde628222967aaa0aa101e70ec5db679f5ee27d010cabfc2d040f64800f4047502cd51f9528ceaa2e

  • SSDEEP

    12288:vClCR+jp42GLRhJ7ar5jU75XGC+g73MJ9GaXvf/g9QLK/OFRu+P5084ZpEPPTLiF:vClCeBGLorJQhN+W8JFXvf49QLCO6+No

Malware Config

Targets

    • Target

      TtLKCmS8n3wRTRqRrg8OlGpeMtMPynkRI7vzBDvv7E4.bin

    • Size

      764KB

    • MD5

      de926a705c02c29aec3a34162c76fa0b

    • SHA1

      ce830780086bf326e2d62a7d59d37349f32f0ba3

    • SHA256

      4ed2ca0a64bc9f7c114d1a91ae0f0e946a5e32d30fca791123bbf3043befec4e

    • SHA512

      02a776c4040e72def12c5c1b588153693a89ccf583ebf4bcde628222967aaa0aa101e70ec5db679f5ee27d010cabfc2d040f64800f4047502cd51f9528ceaa2e

    • SSDEEP

      12288:vClCR+jp42GLRhJ7ar5jU75XGC+g73MJ9GaXvf/g9QLK/OFRu+P5084ZpEPPTLiF:vClCeBGLorJQhN+W8JFXvf49QLCO6+No

    • Ratty

      Ratty is an open source Java Remote Access Tool.

    • Ratty Rat payload

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks