General
-
Target
ab6a39b8f6567f05c7f1929de047a9a5bd0dc4243e0c32b11c38856d9f5b991c
-
Size
101KB
-
Sample
230803-k8kh1sce67
-
MD5
c24b15ddcf5f38b957e29cbb770513b6
-
SHA1
776d4d0ebaaa3ad42ca0bea26e55efe032d64922
-
SHA256
ab6a39b8f6567f05c7f1929de047a9a5bd0dc4243e0c32b11c38856d9f5b991c
-
SHA512
7dc315b2981d7b9bb61967541119c76a6ffec913c20093a2a0f94dcb52d7b49f087afe406549254ab969ec451bfa66158ce38ce16b33076d8fe0aba3d447b6b8
-
SSDEEP
1536:gt1DlqVQsb7O+qgC23pG8XIXNe6Mv5io63RG8jpkcF6YPxMsJPxj:ggrO+qh2pXye6MBN63RpjpZFBxMExj
Static task
static1
Behavioral task
behavioral1
Sample
ab6a39b8f6567f05c7f1929de047a9a5bd0dc4243e0c32b11c38856d9f5b991c.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
ab6a39b8f6567f05c7f1929de047a9a5bd0dc4243e0c32b11c38856d9f5b991c.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
Target
ab6a39b8f6567f05c7f1929de047a9a5bd0dc4243e0c32b11c38856d9f5b991c
-
Score
10/10
-
FatalRat
FatalRat is a modular infostealer family written in C++, first appearing in June 2021.
-
Fatal Rat payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-