General

  • Target

    af7f264ed40f293a01ee685ee7d42daf_JaffaCakes118

  • Size

    332KB

  • Sample

    240404-eynj2aee6w

  • MD5

    af7f264ed40f293a01ee685ee7d42daf

  • SHA1

    a20caef9550c2ae144529b60598b5f58e63a409a

  • SHA256

    2436fa28a278522c298b3a398ddc553c96c4be29ae7b433a999ad49ac71d656c

  • SHA512

    05a060fe3d4b9f92180987d742e5ecad0deb1c5d2cbb1deec0fb31af8ddc5aa867b73ac0b9af02a764c453ba50fc4e9bd6d42b83b294a9e9bcf91b32c34ded7d

  • SSDEEP

    6144:JZjgS007NNMX/+DoklCAFNWClCA+jp02GmaZ/ZJSEPavLFjt+WU:JZNNNzbCClCA+jp02GmWhJnav5jU7

Malware Config

Targets

    • Target

      af7f264ed40f293a01ee685ee7d42daf_JaffaCakes118

    • Size

      332KB

    • MD5

      af7f264ed40f293a01ee685ee7d42daf

    • SHA1

      a20caef9550c2ae144529b60598b5f58e63a409a

    • SHA256

      2436fa28a278522c298b3a398ddc553c96c4be29ae7b433a999ad49ac71d656c

    • SHA512

      05a060fe3d4b9f92180987d742e5ecad0deb1c5d2cbb1deec0fb31af8ddc5aa867b73ac0b9af02a764c453ba50fc4e9bd6d42b83b294a9e9bcf91b32c34ded7d

    • SSDEEP

      6144:JZjgS007NNMX/+DoklCAFNWClCA+jp02GmaZ/ZJSEPavLFjt+WU:JZNNNzbCClCA+jp02GmWhJnav5jU7

    • Ratty

      Ratty is an open source Java Remote Access Tool.

    • Ratty Rat payload

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks