888rat | 7d03e336cd249751d967c9e6dcd6602e93352f44e77079775222a3eccf8c0b5e | Triage

Submit
Reports

Overview

overview

Static

static

5

RAT COURSE...D).zip

windows7-x64

1

RAT COURSE...D).zip

windows10-2004-x64

1

RAT COURSE...RE.zip

windows7-x64

1

RAT COURSE...RE.zip

windows10-2004-x64

1

RAT TOOL F....6.exe

windows7-x64

7

RAT TOOL F....6.exe

windows10-2004-x64

Sharing

General

Target

RAT COURSE $300 (LEAKED).zip
Size

269.5MB
Sample

240525-elca8sdg7x
MD5

fdaf474985ce95f81f8873a2d51da68a
SHA1

185997a7fdbc5866c0db7be2073addc9dbcac788
SHA256

7d03e336cd249751d967c9e6dcd6602e93352f44e77079775222a3eccf8c0b5e
SHA512

7ca132ca99c28ccba61c94d94aa94d92dc6b7dc1cade3abda5a2e84456490b80541cf24401bd92d56bfa436f91eef4496b4791ed234a3baf8ccdacd4cb40dbcb
SSDEEP

6291456:wEeTxKQ2fbm8/e0/F5Mbn46qF+dpZ3nF3eFaDwFd1x3JZJX08D3m32FAwm:wEeEJfbmC7/8bXqF+dx3eFdFdzJXdFY

Score

10^/10

888rat infostealer rat trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

RAT COURSE $300 (LEAKED).zip

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

RAT COURSE $300 (LEAKED).zip

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

RAT COURSE $300 (LEAKED)/RAT TOOL FULL FEATURE.zip

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

RAT COURSE $300 (LEAKED)/RAT TOOL FULL FEATURE.zip

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

RAT TOOL FULL FEATURE/888 Rat v1.2.6.exe

Resource

win7-20240221-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral6

Sample

RAT TOOL FULL FEATURE/888 Rat v1.2.6.exe

Resource

win10v2004-20240508-en

888rat infostealer rat trojan upx

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  RAT COURSE $300 (LEAKED).zip
- Size
  
  269.5MB
- MD5
  
  fdaf474985ce95f81f8873a2d51da68a
- SHA1
  
  185997a7fdbc5866c0db7be2073addc9dbcac788
- SHA256
  
  7d03e336cd249751d967c9e6dcd6602e93352f44e77079775222a3eccf8c0b5e
- SHA512
  
  7ca132ca99c28ccba61c94d94aa94d92dc6b7dc1cade3abda5a2e84456490b80541cf24401bd92d56bfa436f91eef4496b4791ed234a3baf8ccdacd4cb40dbcb
- SSDEEP
  
  6291456:wEeTxKQ2fbm8/e0/F5Mbn46qF+dpZ3nF3eFaDwFd1x3JZJX08D3m32FAwm:wEeEJfbmC7/8bXqF+dx3eFdFdzJXdFY
Score

1^/10
behavioral1 behavioral2
- Target
  
  RAT COURSE $300 (LEAKED)/RAT TOOL FULL FEATURE.zip
- Size
  
  74.5MB
- MD5
  
  bc4b224d8e329e339d8e88af6d660234
- SHA1
  
  66a786004d14c789d8d7f065a6e76db0d4c61b2c
- SHA256
  
  26fd4d9bb941267d61479569eb5f2e79f685ac7e2757fb94a4d78c781b6cc524
- SHA512
  
  95b8b8abaf455d733dbfdbf4b2cf4c4508c35b2781e05314274f3c97f20047e51a2202892d84996d18c9e6de583619a270129d601b07032b1b0420bb2297aeab
- SSDEEP
  
  1572864:d02bZJsczjrcr/MtOvLQvF/JX9h1XauCx1ziw2FebpuuXZmRG:dJZJsEfcYtOvLQDNN8ziw2F65kRG
Score

1^/10
behavioral3 behavioral4
- Target
  
  RAT TOOL FULL FEATURE/888 Rat v1.2.6.exe
- Size
  
  75.0MB
- MD5
  
  ad33064a9ca95c5b3ed45c14b7fe2739
- SHA1
  
  0bd1286fa5fd936a31a4514798daffa444ce8e12
- SHA256
  
  5a14099abd6fe4b396094db7f9911251b25cd57893e14f97a7e7c5f44337bc98
- SHA512
  
  acb056e217edef4639179b24193a454f7e5aade51c1cc972e0458fc23c0ad982323161ad37050a4d849641dbf84719707efdcf4c99ecdf413381e5a752413647
- SSDEEP
  
  1572864:5mhnD+9mK/LnkHD1LYrXatfLllR3RboTmxXlIgU/cNruKPZiv:6nD+UozkJLYrXajR4ElIgU/c5Qv
Score

10^/10

upx 888rat infostealer rat trojan
- 888RAT
  888RAT is an Android remote administration tool.
  trojan infostealer rat 888rat
- Android 888 RAT payload
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral5 behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

888ratinfostealerrattrojanupx

© 2018-2024

Terms | Privacy