Overview

overview

10

Static

static

3

b20b9e1d87...68.exe

windows7-x64

10

b20b9e1d87...68.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b20b9e1d8707e147e2312ca5cf11470b401e3518bb9489d8d31e428635a82668

  • Size

    789KB

  • Sample

    240308-yve82afg61

  • MD5

    17d107bf7243f76070c91cfeb18ed71e

  • SHA1

    9f85566ad0ee040546411e38d9882054f396f621

  • SHA256

    b20b9e1d8707e147e2312ca5cf11470b401e3518bb9489d8d31e428635a82668

  • SHA512

    684a4693f527f46983f6841dddab803bc36fc37152fd3c1ab2d441d3a559dd3fda37d5a145ef528efa8eddafe87ad996c140379922cc0da77e460a2120694900

  • SSDEEP

    12288:0ubsNSOetfARQAPyGU+UwHbLl0tgT1MeQc57fPXzU8MpNfEz6Nw9x:0ubsnafAPyjs7LPP7ff5MpNfo6NSx

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      b20b9e1d8707e147e2312ca5cf11470b401e3518bb9489d8d31e428635a82668

    • Size

      789KB

    • MD5

      17d107bf7243f76070c91cfeb18ed71e

    • SHA1

      9f85566ad0ee040546411e38d9882054f396f621

    • SHA256

      b20b9e1d8707e147e2312ca5cf11470b401e3518bb9489d8d31e428635a82668

    • SHA512

      684a4693f527f46983f6841dddab803bc36fc37152fd3c1ab2d441d3a559dd3fda37d5a145ef528efa8eddafe87ad996c140379922cc0da77e460a2120694900

    • SSDEEP

      12288:0ubsNSOetfARQAPyGU+UwHbLl0tgT1MeQc57fPXzU8MpNfEz6Nw9x:0ubsnafAPyjs7LPP7ff5MpNfo6NSx

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks