fatalrat | 0373e6b54ee6a2016973e3764af817b19b3aa9cb97e77845c86227eb215b4e72 | Triage

Submit
Reports

Overview

overview

Static

static

3

2023-08-26...JC.exe

windows7-x64

2023-08-26...JC.exe

windows10-2004-x64

Sharing

General

Target

2023-08-26_f5bde7dc4c139488d3dd8434e92a5cc4_mafia_JC.exe
Size

96KB
Sample

231001-z99lvsdg8v
MD5

f5bde7dc4c139488d3dd8434e92a5cc4
SHA1

7b682d6607e2a11a88d34e4ad141e4135bdde589
SHA256

0373e6b54ee6a2016973e3764af817b19b3aa9cb97e77845c86227eb215b4e72
SHA512

de8e99335e1459374838baff9d0af4ed3b7a425813de9e4649d613b4165f96d374ebd5db340a3dcadab3bd8a197806146aee26527dc16030534a2c0f4da8dfa0
SSDEEP

1536:J0FfM5+DncE24ujIds67Ef+TTd014UQcqYs3sbTP:WFfM4D1/2+W14UQcqYs

Score

10^/10

fatalrat aspackv2 infostealer rat upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2023-08-26_f5bde7dc4c139488d3dd8434e92a5cc4_mafia_JC.exe

Resource

win7-20230831-en

fatalrat aspackv2 infostealer rat upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-08-26_f5bde7dc4c139488d3dd8434e92a5cc4_mafia_JC.exe

Resource

win10v2004-20230915-en

fatalrat aspackv2 infostealer rat upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  2023-08-26_f5bde7dc4c139488d3dd8434e92a5cc4_mafia_JC.exe
- Size
  
  96KB
- MD5
  
  f5bde7dc4c139488d3dd8434e92a5cc4
- SHA1
  
  7b682d6607e2a11a88d34e4ad141e4135bdde589
- SHA256
  
  0373e6b54ee6a2016973e3764af817b19b3aa9cb97e77845c86227eb215b4e72
- SHA512
  
  de8e99335e1459374838baff9d0af4ed3b7a425813de9e4649d613b4165f96d374ebd5db340a3dcadab3bd8a197806146aee26527dc16030534a2c0f4da8dfa0
- SSDEEP
  
  1536:J0FfM5+DncE24ujIds67Ef+TTd014UQcqYs3sbTP:WFfM4D1/2+W14UQcqYs
Score

10^/10

fatalrat aspackv2 infostealer rat upx
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Downloads MZ/PE file
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalrataspackv2infostealerratupx

behavioral2

fatalrataspackv2infostealerratupx

© 2018-2025

Terms | Privacy