General
-
Target
Perl510.dll
-
Size
924KB
-
Sample
220521-sbkfradaek
-
MD5
dbf8b9ab8ae650d5b452240c0e9c90df
-
SHA1
1215872c6f7306d6ba14133eb706483f04445885
-
SHA256
9c7feb98fb5804f1f80dd03db1f84a06b68ea6043d2d34ab53edce82b83827b2
-
SHA512
f9ab16d7946f4dfab4abbe368d6863dbaa1e0c49b6b051ff44eecdf0053ee0d1204272b08ffc925d76335874ca1099ebebc84ba80be3aa9c9bd5e5007a62d3a9
Static task
static1
Behavioral task
behavioral1
Sample
Perl510.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Perl510.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
Perl510.dll
-
Size
924KB
-
MD5
dbf8b9ab8ae650d5b452240c0e9c90df
-
SHA1
1215872c6f7306d6ba14133eb706483f04445885
-
SHA256
9c7feb98fb5804f1f80dd03db1f84a06b68ea6043d2d34ab53edce82b83827b2
-
SHA512
f9ab16d7946f4dfab4abbe368d6863dbaa1e0c49b6b051ff44eecdf0053ee0d1204272b08ffc925d76335874ca1099ebebc84ba80be3aa9c9bd5e5007a62d3a9
Score10/10-
FatalRat
FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
-
Fatal Rat Payload
-
Blocklisted process makes network request
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-