fatalrat | ba3c0e098d9f3007c8ac221344fcc2c2499eeb4e954392a853290b532dc75f81 | Triage

Submit
Reports

Overview

overview

Static

static

1

1.exe

windows7-x64

1.exe

windows10-2004-x64

Sharing

General

Target

1
Size

4.5MB
Sample

230325-gpz8ksbd73
MD5

e13305b34dca2550e9cf16d102b9fd69
SHA1

f79684a15bec40a154585caa83c7a030043ea570
SHA256

ba3c0e098d9f3007c8ac221344fcc2c2499eeb4e954392a853290b532dc75f81
SHA512

7bec907099012a4561e0ccd61b38caf4e68953b5d453948a1d9548e19029051ac5489a92a3915e520fd14e6bb5764e378aae3026d35f4ae14ba183f17d1ceade
SSDEEP

98304:8ms2Ppr55vJvBh/xpnNQAfbU9I285Uf4yfJrDjdn+B8by:HsMprp7xhNQAfbU9I2AUf4aDjJ+b

Score

10^/10

fatalrat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

1.exe

Resource

win7-20230220-en

fatalrat infostealer rat

windows7-x64

12 signatures

600 seconds

Behavioral task

behavioral2

Sample

1.exe

Resource

win10v2004-20230220-en

fatalrat infostealer rat

windows10-2004-x64

12 signatures

600 seconds

Malware Config

Targets

- Target
  
  1
- Size
  
  4.5MB
- MD5
  
  e13305b34dca2550e9cf16d102b9fd69
- SHA1
  
  f79684a15bec40a154585caa83c7a030043ea570
- SHA256
  
  ba3c0e098d9f3007c8ac221344fcc2c2499eeb4e954392a853290b532dc75f81
- SHA512
  
  7bec907099012a4561e0ccd61b38caf4e68953b5d453948a1d9548e19029051ac5489a92a3915e520fd14e6bb5764e378aae3026d35f4ae14ba183f17d1ceade
- SSDEEP
  
  98304:8ms2Ppr55vJvBh/xpnNQAfbU9I285Uf4yfJrDjdn+B8by:HsMprp7xhNQAfbU9I2AUf4aDjJ+b
Score

10^/10

fatalrat infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

fatalratinfostealerrat

behavioral2

fatalratinfostealerrat

© 2018-2024

Terms | Privacy