Overview

overview

10

Static

static

3

b2b8edb831...c4.exe

windows7-x64

10

b2b8edb831...c4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b2b8edb831047a486ad58488be7497f74c262ced7a35e0b1b2e063495bffd6c4

  • Size

    93KB

  • Sample

    230910-nqlj5sgg3y

  • MD5

    074a292b0a1405cf35e5a9d6067f15ca

  • SHA1

    5bcc1e4784d67b3ba0dd7147514cd883b246a80a

  • SHA256

    b2b8edb831047a486ad58488be7497f74c262ced7a35e0b1b2e063495bffd6c4

  • SHA512

    b6ebc5b826e44b5e9c75d167ddefe98cd1aac3d2ea1dc3a96efceba3179f6a49b76239e6aa8504524d3ce02244a96d5f24642b267119fa11d919bd7b5283868f

  • SSDEEP

    1536:1NeXBiSPip4rS8m+mRiSG8rnv2LAczc9Cv6RHSXZnsW/cd5UpmgCQ9pdeFi:1JSzrS8IG8rnv2LAczclIXm5UYgC6veg

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      b2b8edb831047a486ad58488be7497f74c262ced7a35e0b1b2e063495bffd6c4

    • Size

      93KB

    • MD5

      074a292b0a1405cf35e5a9d6067f15ca

    • SHA1

      5bcc1e4784d67b3ba0dd7147514cd883b246a80a

    • SHA256

      b2b8edb831047a486ad58488be7497f74c262ced7a35e0b1b2e063495bffd6c4

    • SHA512

      b6ebc5b826e44b5e9c75d167ddefe98cd1aac3d2ea1dc3a96efceba3179f6a49b76239e6aa8504524d3ce02244a96d5f24642b267119fa11d919bd7b5283868f

    • SSDEEP

      1536:1NeXBiSPip4rS8m+mRiSG8rnv2LAczc9Cv6RHSXZnsW/cd5UpmgCQ9pdeFi:1JSzrS8IG8rnv2LAczclIXm5UYgC6veg

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks