fatalrat | a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

a6108ee9f1...17.exe

windows7-x64

a6108ee9f1...17.exe

windows10-2004-x64

Sharing

General

Target

a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517
Size

299KB
Sample

230810-vs4l3aff46
MD5

5b8b5b65e19ac1bde4757df37cc514f2
SHA1

302ee18b546d39d2f7d99d55a8fdb41839dfffae
SHA256

a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517
SHA512

951b16e3811823301ef5c3f799d1243d8e357060af943866e7ad61b331fc49464a5d133c79bf321970e2f7ed0cfc6dbfdcdef4b7a2a9f1d74a5db6bd621a5831
SSDEEP

384:yf11c+U6A8pWfG+Ax7r6+Y9PffPztcOB8lpI7:yfrAgWfGJxCbPrtc68E7

Score

10^/10

fatalrat aspackv2 infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517.exe

Resource

win7-20230712-en

fatalrat aspackv2 infostealer rat

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517.exe

Resource

win10v2004-20230703-en

fatalrat aspackv2 infostealer rat

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517
- Size
  
  299KB
- MD5
  
  5b8b5b65e19ac1bde4757df37cc514f2
- SHA1
  
  302ee18b546d39d2f7d99d55a8fdb41839dfffae
- SHA256
  
  a6108ee9f106dfa91427fdec33e519ba94e61a678d65f5b16e54eb9d44291517
- SHA512
  
  951b16e3811823301ef5c3f799d1243d8e357060af943866e7ad61b331fc49464a5d133c79bf321970e2f7ed0cfc6dbfdcdef4b7a2a9f1d74a5db6bd621a5831
- SSDEEP
  
  384:yf11c+U6A8pWfG+Ax7r6+Y9PffPztcOB8lpI7:yfrAgWfGJxCbPrtc68E7
Score

10^/10

fatalrat aspackv2 infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Downloads MZ/PE file
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalrataspackv2infostealerrat

behavioral2

fatalrataspackv2infostealerrat

© 2018-2025

Terms | Privacy