Overview

overview

10

Static

static

1

ef53c2a2ce...ba.exe

windows7-x64

10

ef53c2a2ce...ba.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef53c2a2ce21b188a021b9a2c36f05439212b51a1ebd13bb3f7df1dea907a2ba

  • Size

    2.7MB

  • Sample

    231128-m6vx3shd45

  • MD5

    0dade7bcf1212d7fafda2147303c19a2

  • SHA1

    da9805a8596958e3e1730a51eb7758c0de48283b

  • SHA256

    ef53c2a2ce21b188a021b9a2c36f05439212b51a1ebd13bb3f7df1dea907a2ba

  • SHA512

    15558f0b9827cb9338c1987c8c714c246917c7dd4a9f1128de94d2fea05ef1d04ae88007dd0fd82236eb386d373deb4184f82309ae47372577fa5adc3f879c14

  • SSDEEP

    49152:b9oI7ljc+otzcS/qh5lTHciyyiOkDB6sxPGuciQ5/RFFCmpwxSGq:hjpjZoT/qh5F8iyyiOGB6sxBaFFCmpwA

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      ef53c2a2ce21b188a021b9a2c36f05439212b51a1ebd13bb3f7df1dea907a2ba

    • Size

      2.7MB

    • MD5

      0dade7bcf1212d7fafda2147303c19a2

    • SHA1

      da9805a8596958e3e1730a51eb7758c0de48283b

    • SHA256

      ef53c2a2ce21b188a021b9a2c36f05439212b51a1ebd13bb3f7df1dea907a2ba

    • SHA512

      15558f0b9827cb9338c1987c8c714c246917c7dd4a9f1128de94d2fea05ef1d04ae88007dd0fd82236eb386d373deb4184f82309ae47372577fa5adc3f879c14

    • SSDEEP

      49152:b9oI7ljc+otzcS/qh5lTHciyyiOkDB6sxPGuciQ5/RFFCmpwxSGq:hjpjZoT/qh5F8iyyiOGB6sxBaFFCmpwA

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks