General

  • Target

    49b32553304f50e71058a7eefcb75983399104dfef69892f7819454f06b1c3dd

  • Size

    2.3MB

  • Sample

    231127-l2dybsfg51

  • MD5

    4448b007465689002d925c3951d6e789

  • SHA1

    d0bf5bdcd1119aa5173a577df16ec283f861563e

  • SHA256

    49b32553304f50e71058a7eefcb75983399104dfef69892f7819454f06b1c3dd

  • SHA512

    bd4119b845757b726927dd0eec3dfd61ed1d5aa0c2ff5f55bcdeac42e2bc728a9d588f6bfac4cd9c517e287ed9bb17e903cfad3bd80be4b33e92091f50c80541

  • SSDEEP

    49152:/mNPCzKewwJIBjZ25HbuEFJnzpGxSs3pLVdEXYV4NmJ9dX76uciTst2u0+vs6xFn:/mgz4wJIBjZ25H6EFJn1GxSGLAXYS8Jj

Malware Config

Targets

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatal Rat payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
