runningrat | 9657f9b7b8ef24748e61c4c6ac1bfc4a667a9845be5bbf616d2507071b24bf95 | Triage

Sharing

General

Target

JaffaCakes118_b2674a5ea1a9dc7c64530d28fa3513b2
Size

48KB
Sample

250108-3cgrcszqej
MD5

b2674a5ea1a9dc7c64530d28fa3513b2
SHA1

79ce6dd3a028410d4256e8e2a0224c45d6771923
SHA256

9657f9b7b8ef24748e61c4c6ac1bfc4a667a9845be5bbf616d2507071b24bf95
SHA512

5e59d828a29558fd1da4805d50a322ec813199747c3717f4a7a6738572bacece7d28a6376e7d649465d3f9044dedea9f7fd4690eb4912f1ab20b27a63b386a5a
SSDEEP

768:BR7dOahyoHokBtqN74W7bZZmYb9PyzcjRlYlwa6NVdkPnJJMIzDV:8aAoHoc2x7bZoYBAcQlwJdM3

Score

10^/10

runningrat discovery rat

Malware Config

Extracted

Family

runningrat

C2

www.wulei168.pw

Targets

- Target
  
  JaffaCakes118_b2674a5ea1a9dc7c64530d28fa3513b2
- Size
  
  48KB
- MD5
  
  b2674a5ea1a9dc7c64530d28fa3513b2
- SHA1
  
  79ce6dd3a028410d4256e8e2a0224c45d6771923
- SHA256
  
  9657f9b7b8ef24748e61c4c6ac1bfc4a667a9845be5bbf616d2507071b24bf95
- SHA512
  
  5e59d828a29558fd1da4805d50a322ec813199747c3717f4a7a6738572bacece7d28a6376e7d649465d3f9044dedea9f7fd4690eb4912f1ab20b27a63b386a5a
- SSDEEP
  
  768:BR7dOahyoHokBtqN74W7bZZmYb9PyzcjRlYlwa6NVdkPnJJMIzDV:8aAoHoc2x7bZoYBAcQlwJdM3
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2