General
-
Target
e127b2751dbf53db3d7b63f55b969ffc419275446168c3c1496ca4a99b3594f6
-
Size
1.1MB
-
Sample
240303-t321jsdd94
-
MD5
e1995e1ea6000f8382d98e22aba021ba
-
SHA1
716aa9a9b4ce87c92a4c9661ebdf8ce4cd0a0d51
-
SHA256
e127b2751dbf53db3d7b63f55b969ffc419275446168c3c1496ca4a99b3594f6
-
SHA512
3015d6738e3f337c63041311053d3ba3059252721eb4f2c926955d78612dd3c0c4941d806270b76db2c0676bec64e7b785ced2b6181d8ff0a5155626d35f6e79
-
SSDEEP
24576:jh81D9tMyR1ev8r6TmyfPT7MmaR8HzbiXEyvYhINGwApm:jhQmEr6T1fPT/HiXSI0we
Malware Config
Targets
-
-
Target
e127b2751dbf53db3d7b63f55b969ffc419275446168c3c1496ca4a99b3594f6
-
Size
1.1MB
-
MD5
e1995e1ea6000f8382d98e22aba021ba
-
SHA1
716aa9a9b4ce87c92a4c9661ebdf8ce4cd0a0d51
-
SHA256
e127b2751dbf53db3d7b63f55b969ffc419275446168c3c1496ca4a99b3594f6
-
SHA512
3015d6738e3f337c63041311053d3ba3059252721eb4f2c926955d78612dd3c0c4941d806270b76db2c0676bec64e7b785ced2b6181d8ff0a5155626d35f6e79
-
SSDEEP
24576:jh81D9tMyR1ev8r6TmyfPT7MmaR8HzbiXEyvYhINGwApm:jhQmEr6T1fPT/HiXSI0we
Score10/10-
FatalRat
FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
-
Fatal Rat payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-