a615c1b27a5c74a73281eb46e0ba7aa7427c05f41f24aac189f8bf2fd7f6cbf1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

RBRat.exe

windows7-x64

8

Sharing

General

Target

RBRat.exe
Size

689KB
Sample

230901-lxw84sdh9w
MD5

f0cb80486ef6b557926c70e38deed7d7
SHA1

8a462ea003c6d8e8ad63b2ab519485327395dfdc
SHA256

a615c1b27a5c74a73281eb46e0ba7aa7427c05f41f24aac189f8bf2fd7f6cbf1
SHA512

e733eb81a2bf89dd9c06b9994b578f2af45ea038e02e1400da13f0813e1674bec8778392608ba465a0f78d9c7e66557ca1cc6b195b5b39a783df6174753b2a95
SSDEEP

12288:qubsNSOetfARQAPyGUfT+tkr5X6nb3+noe9OJFc1pv79/kAxD7hZnMn:qubsnafAPyjZr5X6qofFcTGAB7U

Score

8^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

RBRat.exe

Resource

win7-20230831-en

evasion persistence upx

windows7-x64

18 signatures

1800 seconds

Malware Config

Targets

- Target
  
  RBRat.exe
- Size
  
  689KB
- MD5
  
  f0cb80486ef6b557926c70e38deed7d7
- SHA1
  
  8a462ea003c6d8e8ad63b2ab519485327395dfdc
- SHA256
  
  a615c1b27a5c74a73281eb46e0ba7aa7427c05f41f24aac189f8bf2fd7f6cbf1
- SHA512
  
  e733eb81a2bf89dd9c06b9994b578f2af45ea038e02e1400da13f0813e1674bec8778392608ba465a0f78d9c7e66557ca1cc6b195b5b39a783df6174753b2a95
- SSDEEP
  
  12288:qubsNSOetfARQAPyGUfT+tkr5X6nb3+noe9OJFc1pv79/kAxD7hZnMn:qubsnafAPyjZr5X6qofFcTGAB7U
Score

8^/10

evasion persistence upx
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

BITS Jobs

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

BITS Jobs

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceupx

© 2018-2025

Terms | Privacy