r77 | 91e508a9f3590798b6bd703c7ed7f8386eeb1f3dbed66cd670732a05f16fcb77 | Triage

Submit
Reports

Overview

overview

Static

static

1

batman nigg.jpg

windows10-2004-x64

Sharing

General

Target

batman nigg.jpg
Size

9KB
Sample

250112-qa5n7atjew
MD5

6ec3b5cc32ea61d0c1ff1db6be43ab96
SHA1

d7064ce493b9e433524f556896e4ff838629c94b
SHA256

91e508a9f3590798b6bd703c7ed7f8386eeb1f3dbed66cd670732a05f16fcb77
SHA512

bfa0cd76051d6e3c4901682b6b86cb1bf2fba663c909962055621b121124a88596f90ad5aa34273064c57a8bcd28bf539d4296720fc3d27882d5bc6394d26555
SSDEEP

192:7wujtw2wDjeuHfoDYlhKpXX+WcJVbfLBm:7wUsDytaKcWcJVbLo

Score

10^/10

r77 discovery rootkit

Static task

static1

Behavioral task

behavioral1

Sample

batman nigg.jpg

Resource

win10v2004-20241007-en

r77 discovery rootkit

windows10-2004-x64

15 signatures

900 seconds

Malware Config

Targets

- Target
  
  batman nigg.jpg
- Size
  
  9KB
- MD5
  
  6ec3b5cc32ea61d0c1ff1db6be43ab96
- SHA1
  
  d7064ce493b9e433524f556896e4ff838629c94b
- SHA256
  
  91e508a9f3590798b6bd703c7ed7f8386eeb1f3dbed66cd670732a05f16fcb77
- SHA512
  
  bfa0cd76051d6e3c4901682b6b86cb1bf2fba663c909962055621b121124a88596f90ad5aa34273064c57a8bcd28bf539d4296720fc3d27882d5bc6394d26555
- SSDEEP
  
  192:7wujtw2wDjeuHfoDYlhKpXX+WcJVbfLBm:7wUsDytaKcWcJVbLo
Score

10^/10

r77 discovery rootkit
- R77 family
  r77
- r77
  r77 is an open-source, userland rootkit.
  rootkit r77
- r77 rootkit payload
  Detects the payload of the r77 rootkit.
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

r77discoveryrootkit

© 2018-2025

Terms | Privacy