Overview

overview

10

Static

static

1

个人投.....exe

windows7-x64

10

个人投.....exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    个人投资流水明细..zip

  • Size

    4.5MB

  • Sample

    230327-fzj4nsdh2z

  • MD5

    3c4a1508c3c3230b988e2ea047f429f5

  • SHA1

    9811bc3d6b1c87e5e4956a24a660858446414247

  • SHA256

    019af7bf01a7b831536882c21e802033cedc4de7f42c374ef68571c5552b4696

  • SHA512

    0c11bc7dee2c627011424d7f642c70e0317b62108c7f805ab751e0004c78bad71f67ab3767d7d11ca389707851eb762518ceaed7ec2b0a5d795e7c7beda218d0

  • SSDEEP

    98304:aiOq1WnbZnH7ZyOzknBlKUv5wn64Yn6pYuXPBHNX3ChULs:dOaWF1kBlKUv5wn6446pYoHNnC7

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      个人投资流水明细..bat

    • Size

      4.5MB

    • MD5

      e13305b34dca2550e9cf16d102b9fd69

    • SHA1

      f79684a15bec40a154585caa83c7a030043ea570

    • SHA256

      ba3c0e098d9f3007c8ac221344fcc2c2499eeb4e954392a853290b532dc75f81

    • SHA512

      7bec907099012a4561e0ccd61b38caf4e68953b5d453948a1d9548e19029051ac5489a92a3915e520fd14e6bb5764e378aae3026d35f4ae14ba183f17d1ceade

    • SSDEEP

      98304:8ms2Ppr55vJvBh/xpnNQAfbU9I285Uf4yfJrDjdn+B8by:HsMprp7xhNQAfbU9I2AUf4aDjJ+b

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks