runningrat | 195509e9c7b2eb2af89613a32c1b6084922e792cfa0c08fe9fa0af4d99754316 | Triage

Submit
Reports

Overview

overview

Static

static

3

01acef9c79...18.exe

windows7-x64

01acef9c79...18.exe

windows10-2004-x64

Sharing

General

Target

01acef9c7985d9cea7858b3b0b63fab4_JaffaCakes118
Size

689KB
Sample

240426-z3bfgsdb7y
MD5

01acef9c7985d9cea7858b3b0b63fab4
SHA1

0e8cfc9287dba1faae7da5acf6f2e8594b0af097
SHA256

195509e9c7b2eb2af89613a32c1b6084922e792cfa0c08fe9fa0af4d99754316
SHA512

62a10756a5a7419d0a40c73aa7b5071049df0a64bb08ac26bca76b5f6bc5723a769b9c948e1e88d32de7f0789314bfed68a6f1b09fb6c1eb1c5c1a4996c59e0b
SSDEEP

12288:58kXvhHjhZhUbnokPo6+hfeUjKTw07n2D29Eip1hEZFvXFWF5TzQl3Mgm:5NF7Usk/Okbj2q9/8r0bzeMf

Score

10^/10

runningrat rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

01acef9c7985d9cea7858b3b0b63fab4_JaffaCakes118.exe

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

01acef9c7985d9cea7858b3b0b63fab4_JaffaCakes118.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  01acef9c7985d9cea7858b3b0b63fab4_JaffaCakes118
- Size
  
  689KB
- MD5
  
  01acef9c7985d9cea7858b3b0b63fab4
- SHA1
  
  0e8cfc9287dba1faae7da5acf6f2e8594b0af097
- SHA256
  
  195509e9c7b2eb2af89613a32c1b6084922e792cfa0c08fe9fa0af4d99754316
- SHA512
  
  62a10756a5a7419d0a40c73aa7b5071049df0a64bb08ac26bca76b5f6bc5723a769b9c948e1e88d32de7f0789314bfed68a6f1b09fb6c1eb1c5c1a4996c59e0b
- SSDEEP
  
  12288:58kXvhHjhZhUbnokPo6+hfeUjKTw07n2D29Eip1hEZFvXFWF5TzQl3Mgm:5NF7Usk/Okbj2q9/8r0bzeMf
Score

10^/10

runningrat rat
- RunningRat
  RunningRat is a remote access trojan first seen in 2018.
  rat runningrat
- RunningRat payload
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy