Overview

overview

10

Static

static

3

e69b9f7302...20.exe

windows7-x64

10

e69b9f7302...20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20

  • Size

    3.5MB

  • Sample

    231127-l2a7fafg74

  • MD5

    b331ff135846956a414cdcaec85e420f

  • SHA1

    2fd49427e95d9093645bfc6f9d7ba7280bf1fee8

  • SHA256

    e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20

  • SHA512

    0b979fa28171966be656da99aa9abcc00ffe1fc364f3914f96ddb4fbda52368966d3ad7b81673909dbbc888a05160233cce163a599fb41465f19130c8d96939c

  • SSDEEP

    49152:W2dcEdgh8Lrj3vU6/ltO/byhW/XJ+2hCLXqTluciTst2u0+vs6xFw7G:xdcEFjvUwtOWbq0z6w7

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20

    • Size

      3.5MB

    • MD5

      b331ff135846956a414cdcaec85e420f

    • SHA1

      2fd49427e95d9093645bfc6f9d7ba7280bf1fee8

    • SHA256

      e69b9f730231c88660429ded1362e43522aee7de2ba92bfa71d388741461fd20

    • SHA512

      0b979fa28171966be656da99aa9abcc00ffe1fc364f3914f96ddb4fbda52368966d3ad7b81673909dbbc888a05160233cce163a599fb41465f19130c8d96939c

    • SSDEEP

      49152:W2dcEdgh8Lrj3vU6/ltO/byhW/XJ+2hCLXqTluciTst2u0+vs6xFw7G:xdcEFjvUwtOWbq0z6w7

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks