General

  • Target

    6ecf7cf74a9eaa98f899c198b4e876a302041b090db057135eefc05c3c8a8607

  • Size

    203KB

  • Sample

    231014-j5j8eaag33

  • MD5

    5e8ca71cc6b60c4d92eac70f84e14487

  • SHA1

    58988de5f00c4e8454a8dfd0126a58f39e7db8cb

  • SHA256

    6ecf7cf74a9eaa98f899c198b4e876a302041b090db057135eefc05c3c8a8607

  • SHA512

    9d83f3c43397b2cb56b3d7112fdab31f5b1d0d7705485ab141f5dafcb4dd955c150feaa0b2b59619933c0fd456ebb96a04f7e507ccb4fe4c6263b1aec68a44e0

  • SSDEEP

    6144:ISEciALqb7GHGuMz7FeuRAOo6SLuQkmsS:ISEcdLqby2aUms

Targets

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatal Rat payload

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
