General
-
Target
82fc444c2e6ebe55046ddf5c031b7fcad832a8fd4f66b8a40e509a81ca413735
-
Size
520KB
-
Sample
231213-tdgnbaehcp
-
MD5
00d96db6440e496f298013ae3d4806d8
-
SHA1
2d3801fb6264694adfe8d61d25662ec31939d49e
-
SHA256
82fc444c2e6ebe55046ddf5c031b7fcad832a8fd4f66b8a40e509a81ca413735
-
SHA512
2361c93d789da3a93008e37f02bc16f59eb107918260b87d6466e0a280ad14c9472c8bc60f17b2e585da72e0740905591a5300b4463d87ad00fb88b043ac8c9b
-
SSDEEP
12288:vXLLkwykYRIZLNpxjb72MCt0LARqbdpZs:vXLLmkNZLflHCtc2qbx
Malware Config
Targets
-
-
Target
82fc444c2e6ebe55046ddf5c031b7fcad832a8fd4f66b8a40e509a81ca413735
-
Size
520KB
-
MD5
00d96db6440e496f298013ae3d4806d8
-
SHA1
2d3801fb6264694adfe8d61d25662ec31939d49e
-
SHA256
82fc444c2e6ebe55046ddf5c031b7fcad832a8fd4f66b8a40e509a81ca413735
-
SHA512
2361c93d789da3a93008e37f02bc16f59eb107918260b87d6466e0a280ad14c9472c8bc60f17b2e585da72e0740905591a5300b4463d87ad00fb88b043ac8c9b
-
SSDEEP
12288:vXLLkwykYRIZLNpxjb72MCt0LARqbdpZs:vXLLmkNZLflHCtc2qbx
Score10/10-
FatalRat
FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Fatal Rat payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-