ratty | 811de6570cf64d430a2c0af6fd2ce4214e61d5fd6f7adaae6d1bf4791b4d11e0 | Triage

Resubmissions

03-04-2024 18:51

240403-xhlplshe4x 10

03-04-2024 18:47

240403-xfehhshg79 10

Sharing

General

Target

Tax_documents_JPG.jar
Size

429KB
Sample

240403-xhlplshe4x
MD5

b600058b62cbca0ace1c87e4dc1eab56
SHA1

16cfb0fbf7fa4b821c6313a9512f1b04aa693813
SHA256

811de6570cf64d430a2c0af6fd2ce4214e61d5fd6f7adaae6d1bf4791b4d11e0
SHA512

af0e7c3d18b659204b7b78ec948feeae04e47d4d0210ef32833278d078fbe6f3d8a9de3cdd8364e7f4b89dec372cd47dbde4d478c9b78641c080301490936d82
SSDEEP

6144:LxHPsAEkCqNL+MbHEMVw4zYr/mglY20Ozj/fjRs+Cxd32oSTklkCNPaawJzkfpSy:ekCqPkgpsr/JzynSTtir0usYPuJ6Aax

Score

10^/10

ratty discovery rat trojan

Malware Config

Targets

- Target
  
  Tax_documents_JPG.jar
- Size
  
  429KB
- MD5
  
  b600058b62cbca0ace1c87e4dc1eab56
- SHA1
  
  16cfb0fbf7fa4b821c6313a9512f1b04aa693813
- SHA256
  
  811de6570cf64d430a2c0af6fd2ce4214e61d5fd6f7adaae6d1bf4791b4d11e0
- SHA512
  
  af0e7c3d18b659204b7b78ec948feeae04e47d4d0210ef32833278d078fbe6f3d8a9de3cdd8364e7f4b89dec372cd47dbde4d478c9b78641c080301490936d82
- SSDEEP
  
  6144:LxHPsAEkCqNL+MbHEMVw4zYr/mglY20Ozj/fjRs+Cxd32oSTklkCNPaawJzkfpSy:ekCqPkgpsr/JzynSTtir0usYPuJ6Aax
Score

10^/10

ratty discovery rat trojan
- Ratty
  Ratty is an open source Java Remote Access Tool.
  trojan rat ratty
- Ratty Rat payload
- Modifies file permissions
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rattydiscoveryrattrojan