fatalrat | 33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336 | Triage

Submit
Reports

Overview

overview

Static

static

33793c18f4...36.exe

windows7-x64

33793c18f4...36.exe

windows10-2004-x64

Sharing

General

Target

33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336
Size

37.5MB
Sample

221101-gerhpahecm
MD5

0e2d5f3e5dcb7227f15df1c64ada464a
SHA1

7b3a9e131e8064a5ea2b29624de56649e2a024ca
SHA256

33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336
SHA512

c72d5ea2924636275a911c872976e4aa06a2b5be05305a066268fe465325ab5ffa232eb5ecb2be2f56b57ccdd6909475ca9d54dcb8de994f7f2fa208b1454d9d
SSDEEP

786432:VxZhxUMwYZ6QlkQpbMSFsJQU3AOhp/iX1hvj/1g1I/odi8HnZb:VDjCYXlZMSFeACIdiS/odlH1

Score

10^/10

fatalrat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336.exe

Resource

win7-20220812-en

fatalrat infostealer rat

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336.exe

Resource

win10v2004-20220812-en

fatalrat infostealer rat

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336
- Size
  
  37.5MB
- MD5
  
  0e2d5f3e5dcb7227f15df1c64ada464a
- SHA1
  
  7b3a9e131e8064a5ea2b29624de56649e2a024ca
- SHA256
  
  33793c18f4ef04f93daf800f93451cbdb6f04a169a022fb77e2f96b9b98c0336
- SHA512
  
  c72d5ea2924636275a911c872976e4aa06a2b5be05305a066268fe465325ab5ffa232eb5ecb2be2f56b57ccdd6909475ca9d54dcb8de994f7f2fa208b1454d9d
- SSDEEP
  
  786432:VxZhxUMwYZ6QlkQpbMSFsJQU3AOhp/iX1hvj/1g1I/odi8HnZb:VDjCYXlZMSFeACIdiS/odlH1
Score

10^/10

fatalrat infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Blocklisted process makes network request
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalratinfostealerrat

behavioral2

fatalratinfostealerrat

© 2018-2025

Terms | Privacy