General
-
Target
1
-
Size
4.5MB
-
Sample
230325-gpz8ksbd73
-
MD5
e13305b34dca2550e9cf16d102b9fd69
-
SHA1
f79684a15bec40a154585caa83c7a030043ea570
-
SHA256
ba3c0e098d9f3007c8ac221344fcc2c2499eeb4e954392a853290b532dc75f81
-
SHA512
7bec907099012a4561e0ccd61b38caf4e68953b5d453948a1d9548e19029051ac5489a92a3915e520fd14e6bb5764e378aae3026d35f4ae14ba183f17d1ceade
-
SSDEEP
98304:8ms2Ppr55vJvBh/xpnNQAfbU9I285Uf4yfJrDjdn+B8by:HsMprp7xhNQAfbU9I2AUf4aDjJ+b
Static task
static1
Behavioral task
behavioral1
Sample
1.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
1
-
Size
4.5MB
-
MD5
e13305b34dca2550e9cf16d102b9fd69
-
SHA1
f79684a15bec40a154585caa83c7a030043ea570
-
SHA256
ba3c0e098d9f3007c8ac221344fcc2c2499eeb4e954392a853290b532dc75f81
-
SHA512
7bec907099012a4561e0ccd61b38caf4e68953b5d453948a1d9548e19029051ac5489a92a3915e520fd14e6bb5764e378aae3026d35f4ae14ba183f17d1ceade
-
SSDEEP
98304:8ms2Ppr55vJvBh/xpnNQAfbU9I285Uf4yfJrDjdn+B8by:HsMprp7xhNQAfbU9I2AUf4aDjJ+b
Score10/10-
FatalRat
FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
-
Fatal Rat payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-