Overview

overview

10

Static

static

1

税51发_票_.exe

windows7-x64

10

税51发_票_.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    税51发_票_.exe

  • Size

    2.5MB

  • Sample

    231130-cq22caeg62

  • MD5

    9393a9c95f8a40ad022562848e92a58b

  • SHA1

    3079b39c35b5912a6f6d31180ca8ae531d5d5a31

  • SHA256

    284eee0dd617e5409bbce94302d73629efedff6c4c92cd0e4333a19adf047044

  • SHA512

    8678fc00a6f94bf46a05deeb2b4353ffd048204b528a3a5eed15979a0fe415eb3e607938eeebf956adcdd4ccaa55a2f35478fa650d995c485dafc73d3117a66d

  • SSDEEP

    49152:R8HqtWATVLe2RNODMGJ9jinsXGeXxj3i/5Ea8x2zvMyGhgYrWtbnzp6sghYn+U/D:8mWATV1RNODMmjinsWeXxj3i/5fMyGhM

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      税51发_票_.exe

    • Size

      2.5MB

    • MD5

      9393a9c95f8a40ad022562848e92a58b

    • SHA1

      3079b39c35b5912a6f6d31180ca8ae531d5d5a31

    • SHA256

      284eee0dd617e5409bbce94302d73629efedff6c4c92cd0e4333a19adf047044

    • SHA512

      8678fc00a6f94bf46a05deeb2b4353ffd048204b528a3a5eed15979a0fe415eb3e607938eeebf956adcdd4ccaa55a2f35478fa650d995c485dafc73d3117a66d

    • SSDEEP

      49152:R8HqtWATVLe2RNODMGJ9jinsXGeXxj3i/5Ea8x2zvMyGhgYrWtbnzp6sghYn+U/D:8mWATV1RNODMmjinsWeXxj3i/5fMyGhM

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks