Overview

overview

10

Static

static

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    43s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    17-12-2022 20:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    60KB

  • MD5

    8e946f74815696883edc7ce2011bf251

  • SHA1

    8b3edd2008ce20c3a625223e6df981537580c6ba

  • SHA256

    a6845c976c3fdeb0750f291d9f6da7aeb2261d25a3e1839af4c5b16944cbeba7

  • SHA512

    4dc55e5a9e79b26ee21fa2d456942e93a1c4b9b0d0239b3610710f2171d850b0c1ddfff077cb8c75f49193c758b10880cdc638a8c6726dda441c18c6d1b51b7c

  • SSDEEP

    768:nlPeOQrHVHxeh+wdR11tTWt5fWDC7hP5Y2YW8QijsBIlmqNCt56HikCqMSdbN0zw:nlPeOaVRAPYfWEq6I4mmqLWqMSRN0

Score
10/10
fatalratinfostealerrat

Malware Config

Signatures

  • FatalRat

    FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

    infostealerratfatalrat
  • Fatal Rat payload 2 IoCs
    ratinfostealer
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 51 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1672

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1672-54-0x0000000075111000-0x0000000075113000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1672-55-0x0000000010000000-0x0000000010028000-memory.dmp

    Filesize

    160KB

    Download

  • memory/1672-58-0x0000000001CC0000-0x0000000001D0E000-memory.dmp

    Filesize

    312KB

    Download