Overview

overview

10

Static

static

1

84ddf08235...cd.exe

windows7-x64

10

84ddf08235...cd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84ddf0823586b96889ade538ba040a24e8904e5cf18f0d9f51ec0e9b08e504cd

  • Size

    3.0MB

  • Sample

    231213-1tks8shfbk

  • MD5

    139fdef0045c1f40b90e6d3b92ad8b56

  • SHA1

    79a61b28284cb4c61ffeb0e818684d6ea0b9c760

  • SHA256

    84ddf0823586b96889ade538ba040a24e8904e5cf18f0d9f51ec0e9b08e504cd

  • SHA512

    69f326a71ab498a83d3a489cd6b40229d7b503f1c4826eb75d095c037e2eaa540037440fffc20f40b27fb171c2b351df9a59e4949a4a0ebd78ff35a82149356b

  • SSDEEP

    98304:cZKc9qTsbAW0GpMtkxkT8ZPKJPZPyQeGvQfyjA7o:cZrswpZxkT8YyQeGYf+A7o

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      84ddf0823586b96889ade538ba040a24e8904e5cf18f0d9f51ec0e9b08e504cd

    • Size

      3.0MB

    • MD5

      139fdef0045c1f40b90e6d3b92ad8b56

    • SHA1

      79a61b28284cb4c61ffeb0e818684d6ea0b9c760

    • SHA256

      84ddf0823586b96889ade538ba040a24e8904e5cf18f0d9f51ec0e9b08e504cd

    • SHA512

      69f326a71ab498a83d3a489cd6b40229d7b503f1c4826eb75d095c037e2eaa540037440fffc20f40b27fb171c2b351df9a59e4949a4a0ebd78ff35a82149356b

    • SSDEEP

      98304:cZKc9qTsbAW0GpMtkxkT8ZPKJPZPyQeGvQfyjA7o:cZrswpZxkT8YyQeGYf+A7o

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks