Overview

overview

10

Static

static

1

8933cf5ca2...57.exe

windows7-x64

10

8933cf5ca2...57.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8933cf5ca29e78a3c23f35f7b837efcf6f5f76d88c902ed08205b213165bd857

  • Size

    4.5MB

  • Sample

    230322-edjeksef84

  • MD5

    d9554bbc5c3af0897cf964bfc05a25ee

  • SHA1

    dc7d515a4c955d50b6f33672428435e7eecf68b6

  • SHA256

    8933cf5ca29e78a3c23f35f7b837efcf6f5f76d88c902ed08205b213165bd857

  • SHA512

    563fed4d113e721c337f8708f380bbe09fe29b70d16e5a32c478d26433a0a93ff49d9d832cb209d5312316cbdfd9de7cf666275ba0aae9f8d8de75624a7e8708

  • SSDEEP

    98304:J+pInoZjT50eNzIWXNYrDPARZ2L7h2XvkKjTPeLcDvt6mUE7iaLGtBHCql+jWh7g:oGU+eN1NIDY/Y3KjTeCV6m9/LGFl+

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      8933cf5ca29e78a3c23f35f7b837efcf6f5f76d88c902ed08205b213165bd857

    • Size

      4.5MB

    • MD5

      d9554bbc5c3af0897cf964bfc05a25ee

    • SHA1

      dc7d515a4c955d50b6f33672428435e7eecf68b6

    • SHA256

      8933cf5ca29e78a3c23f35f7b837efcf6f5f76d88c902ed08205b213165bd857

    • SHA512

      563fed4d113e721c337f8708f380bbe09fe29b70d16e5a32c478d26433a0a93ff49d9d832cb209d5312316cbdfd9de7cf666275ba0aae9f8d8de75624a7e8708

    • SSDEEP

      98304:J+pInoZjT50eNzIWXNYrDPARZ2L7h2XvkKjTPeLcDvt6mUE7iaLGtBHCql+jWh7g:oGU+eN1NIDY/Y3KjTeCV6m9/LGFl+

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks