rokrat | c81d5421b18c59c9d6df2553e5791e2bb37e8b9d34c93004290bae8aa4ed5ec4 | Triage

Submit
Reports

Overview

overview

Static

static

1

1.rar

windows7-x64

1.rar

windows10-2004-x64

7

Sharing

General

Target

1.rar
Size

4.4MB
Sample

240403-qpascsdf7x
MD5

b97fac2bfe6de66b4a615780cb6b1cc2
SHA1

1ccd56e4113b00ea818f47ca90ba16a80f167dba
SHA256

c81d5421b18c59c9d6df2553e5791e2bb37e8b9d34c93004290bae8aa4ed5ec4
SHA512

97e163fc66484c9677802650e7affead5c9f537f746eb0d82b1d196e3e13d9ccea76938211235f68cb562b3fd056526f43ad881f4d244ba7767f9b35e238cc60
SSDEEP

98304:7Hw2wByKZdIAtG/pupt2kv70X+iPLMPGcebMimKHpGu:LPqpagtx7q+iIPczHAu

Score

10^/10

rokrat link pdf rat

Static task

static1

Behavioral task

behavioral1

Sample

1.rar

Resource

win7-20240221-en

rokrat link pdf rat

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

1.rar

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  1.rar
- Size
  
  4.4MB
- MD5
  
  b97fac2bfe6de66b4a615780cb6b1cc2
- SHA1
  
  1ccd56e4113b00ea818f47ca90ba16a80f167dba
- SHA256
  
  c81d5421b18c59c9d6df2553e5791e2bb37e8b9d34c93004290bae8aa4ed5ec4
- SHA512
  
  97e163fc66484c9677802650e7affead5c9f537f746eb0d82b1d196e3e13d9ccea76938211235f68cb562b3fd056526f43ad881f4d244ba7767f9b35e238cc60
- SSDEEP
  
  98304:7Hw2wByKZdIAtG/pupt2kv70X+iPLMPGcebMimKHpGu:LPqpagtx7q+iIPczHAu
Score

10^/10

rokrat link pdf rat
- Detect Rokrat payload
- Rokrat
  Rokrat is a remote access trojan written in c++.
  rat rokrat
- Blocklisted process makes network request
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rokratlinkpdfrat

behavioral2

© 2018-2024

Terms | Privacy