fatalrat | 530b818e7b34f95857d6d5370cd54692f19f5ecf2b0a92c400778094c973f41f | Triage

Submit
Reports

Overview

overview

Static

static

3

2023-08-26...JC.exe

windows7-x64

8

2023-08-26...JC.exe

windows10-2004-x64

Sharing

General

Target

2023-08-26_9eed79924f483a61a623e9aaefa56c4e_mafia_JC.exe
Size

96KB
Sample

230927-xxdybafc35
MD5

9eed79924f483a61a623e9aaefa56c4e
SHA1

2127364ae13f6e6bbd070a72bc9a92a443e1870f
SHA256

530b818e7b34f95857d6d5370cd54692f19f5ecf2b0a92c400778094c973f41f
SHA512

91c6514e463d18ad1d2a0223bf2dff11159d117805fdc165d12b088728be2bd5e8dde3f8512b45074dce02e49e0d99811d861d88b49e0264b540943c2ab865cc
SSDEEP

1536:b0FfM5+DncE24ujIds67Ef+TTd014KWzqYs3cTP:4FfM4D1/2+W14KWzqYs

Score

10^/10

fatalrat aspackv2 infostealer rat upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2023-08-26_9eed79924f483a61a623e9aaefa56c4e_mafia_JC.exe

Resource

win7-20230831-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-08-26_9eed79924f483a61a623e9aaefa56c4e_mafia_JC.exe

Resource

win10v2004-20230915-en

fatalrat aspackv2 infostealer rat upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2023-08-26_9eed79924f483a61a623e9aaefa56c4e_mafia_JC.exe
- Size
  
  96KB
- MD5
  
  9eed79924f483a61a623e9aaefa56c4e
- SHA1
  
  2127364ae13f6e6bbd070a72bc9a92a443e1870f
- SHA256
  
  530b818e7b34f95857d6d5370cd54692f19f5ecf2b0a92c400778094c973f41f
- SHA512
  
  91c6514e463d18ad1d2a0223bf2dff11159d117805fdc165d12b088728be2bd5e8dde3f8512b45074dce02e49e0d99811d861d88b49e0264b540943c2ab865cc
- SSDEEP
  
  1536:b0FfM5+DncE24ujIds67Ef+TTd014KWzqYs3cTP:4FfM4D1/2+W14KWzqYs
Score

10^/10

aspackv2 upx fatalrat infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Downloads MZ/PE file
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

fatalrataspackv2infostealerratupx

© 2018-2025

Terms | Privacy