Overview

overview

10

Static

static

10

[RU]DESKTO...ip.jar

windows7-x64

1

[RU]DESKTO...ip.jar

windows7-x64

1

[RU]DESKTO...ip.jar

windows10-1703-x64

10

[RU]DESKTO...ip.jar

windows10-2004-x64

10

[RU]DESKTO...ip.jar

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    [RU]DESKTOP-33B9CHF@V#eff870d155ad9996e86173d19c2373fd3cea5780.zip.jar

  • Size

    332KB

  • Sample

    241010-c622aa1cqm

  • MD5

    c6f19bd285ac0c699435b607a163bedd

  • SHA1

    959fd4aa99f9550359eeccf5770565fb0503104d

  • SHA256

    21810e5c5329762599cdb396feba7c560e42808f11d7eda6ea8afcc0d3d1cd1d

  • SHA512

    96be9a0c64c27cca97b690e9b8e07db114271b7888b4acacf8aed0a89750ab6fd967e48cd277abe3e359726af1f094e8c33b6b4e0b4b5561559189e8577ca708

  • SSDEEP

    6144:JZjgS007NNMX/+DoklCAFNWClCA+jp02GmaZ/ZJSEPavLFjt+Ww:JZNNNzbCClCA+jp02GmWhJnav5jUj

Score
10/10
rattydiscoverypersistencerattrojan

Malware Config

Targets

    • Target

      [RU]DESKTOP-33B9CHF@V#eff870d155ad9996e86173d19c2373fd3cea5780.zip.jar

    • Size

      332KB

    • MD5

      c6f19bd285ac0c699435b607a163bedd

    • SHA1

      959fd4aa99f9550359eeccf5770565fb0503104d

    • SHA256

      21810e5c5329762599cdb396feba7c560e42808f11d7eda6ea8afcc0d3d1cd1d

    • SHA512

      96be9a0c64c27cca97b690e9b8e07db114271b7888b4acacf8aed0a89750ab6fd967e48cd277abe3e359726af1f094e8c33b6b4e0b4b5561559189e8577ca708

    • SSDEEP

      6144:JZjgS007NNMX/+DoklCAFNWClCA+jp02GmaZ/ZJSEPavLFjt+Ww:JZNNNzbCClCA+jp02GmWhJnav5jUj

    Score
    10/10
    rattydiscoverypersistencerattrojan

    • Ratty

      Ratty is an open source Java Remote Access Tool.

      trojanratratty

    • Ratty Rat payload

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2behavioral3behavioral4behavioral5

MITRE ATT&CK Enterprise v15

Tasks