General

  • Target

    9a99fe10206bf68fe6f6cfecb33a84f561ff9c6d4e301375995dddb0877901d6

  • Size

    39.1MB

  • Sample

    230426-ege7bsgh51

  • MD5

    32e5e82ad43496d9d008a56dc4c3bd2e

  • SHA1

    fd1427fdebeefa57a67dc9144260d6ddb973c020

  • SHA256

    9a99fe10206bf68fe6f6cfecb33a84f561ff9c6d4e301375995dddb0877901d6

  • SHA512

    0285c65819107dc070044b5341fd5715ed5b5e69950195c856f9d3f756ea65ae154612606c9f00aa6700a4ff8df20d69504f67abf41e579151552197f4fe043e

  • SSDEEP

    786432:sELWxpnW4goBOWB+SDFogpevseZCKN3XYVB/tLJ/+Fcrk5sEZpVcvGs:sEQRcoRBJogpKCSGFEerk5nZpVAGs

Targets

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatal Rat payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
