Resubmissions

15-01-2023 11:07

230115-m76e7shg6y 10

15-01-2023 10:56

230115-m1na2shf5y 10

15-01-2023 10:45

230115-mttjgshe6s 10

15-01-2023 10:21

230115-md2j6ade23 10

General

  • Target

    deb872cd3da638e848ac21bd34ad31a3c2164786a0d4da0316531c62a0b1eebc

  • Size

    192KB

  • Sample

    230115-m1na2shf5y

  • MD5

    75e80b6baac14a07825c5deb18b4024a

  • SHA1

    da138e3f36f1ac1b49afa07f41738fd4b73e23b2

  • SHA256

    deb872cd3da638e848ac21bd34ad31a3c2164786a0d4da0316531c62a0b1eebc

  • SHA512

    68cbea358fd537a13f48cd21520996960f7acf38b72fe371c069884d7c2acedfdacb50812ec2c60442a67e76cd7e09fcec752efedac119d27cc9071c2bd826e5

  • SSDEEP

    3072:TgutN5LZseWDzoPZ6WS6BLfvgaSlpcD+05f:nSzkPDNGEf

Targets

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

    • Fatal Rat payload

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
