Overview

overview

10

Static

static

10

cza7vd9VH8..._M.jar

windows7-x64

1

cza7vd9VH8..._M.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cza7vd9VH8C8Ntggy3AkUnUOQmYItcrwzJJwfEFJm_M.bin

  • Size

    619KB

  • Sample

    240228-xwdk6abf51

  • MD5

    e09c100ccd2443603da3bc66f4564424

  • SHA1

    0e0a646879fb797e5b6e88bd3fc870be5116c2d7

  • SHA256

    7336bbbddf551fc0bc36d820cb702452750e426608b5caf0cc92707c41499be3

  • SHA512

    cce226c3785b741dcd1aed871d691818a04d84ea87c37eeaad835a5091ec0748372c7b96dc8271bb71fd0d3461090153a11519ac4c3cb9305f0f399e4fa55432

  • SSDEEP

    12288:pzw60AvjBPrtU7ebS7Qzx9qjF5jURClCn+jprJaA2GvhJv:e60GjBPriib3zT4FJ0ClCQ2LG5B

Score
10/10
rattydiscoverypersistencerattrojan

Malware Config

Targets

    • Target

      cza7vd9VH8C8Ntggy3AkUnUOQmYItcrwzJJwfEFJm_M.bin

    • Size

      619KB

    • MD5

      e09c100ccd2443603da3bc66f4564424

    • SHA1

      0e0a646879fb797e5b6e88bd3fc870be5116c2d7

    • SHA256

      7336bbbddf551fc0bc36d820cb702452750e426608b5caf0cc92707c41499be3

    • SHA512

      cce226c3785b741dcd1aed871d691818a04d84ea87c37eeaad835a5091ec0748372c7b96dc8271bb71fd0d3461090153a11519ac4c3cb9305f0f399e4fa55432

    • SSDEEP

      12288:pzw60AvjBPrtU7ebS7Qzx9qjF5jURClCn+jprJaA2GvhJv:e60GjBPriib3zT4FJ0ClCQ2LG5B

    Score
    10/10
    rattydiscoverypersistencerattrojan

    • Ratty

      Ratty is an open source Java Remote Access Tool.

      trojanratratty

    • Ratty Rat payload

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks