Overview

overview

10

Static

static

3

68f5f8e2d9...5d.exe

windows7-x64

10

68f5f8e2d9...5d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    68f5f8e2d9afd2c42b7315cafc726130c9e24a4ad6a0b97628efdc79e88bed5d

  • Size

    2.5MB

  • Sample

    240309-j1jq3sfa2w

  • MD5

    07520d8dba0ae86fc795544ef424f1c2

  • SHA1

    b2543b059e92b32d5b3632a73e1e3d684c19468d

  • SHA256

    68f5f8e2d9afd2c42b7315cafc726130c9e24a4ad6a0b97628efdc79e88bed5d

  • SHA512

    dbd39e1e9e49c4328a11f68966f5f7a741068200658026db2b579fcc953314b7609e07d30e4a5c656d9ae7fc77ef2d20558264373adca923087a4cabe6345ea8

  • SSDEEP

    49152:be8Pbe4aJLOeOQD63cqM91/3/yPpjfNBqWUa5mAlOKVtSquYS66p5IroB8qX51an:beSgJLDOQD6MV91/3/yRbNBqWUBLKVYC

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      68f5f8e2d9afd2c42b7315cafc726130c9e24a4ad6a0b97628efdc79e88bed5d

    • Size

      2.5MB

    • MD5

      07520d8dba0ae86fc795544ef424f1c2

    • SHA1

      b2543b059e92b32d5b3632a73e1e3d684c19468d

    • SHA256

      68f5f8e2d9afd2c42b7315cafc726130c9e24a4ad6a0b97628efdc79e88bed5d

    • SHA512

      dbd39e1e9e49c4328a11f68966f5f7a741068200658026db2b579fcc953314b7609e07d30e4a5c656d9ae7fc77ef2d20558264373adca923087a4cabe6345ea8

    • SSDEEP

      49152:be8Pbe4aJLOeOQD63cqM91/3/yPpjfNBqWUa5mAlOKVtSquYS66p5IroB8qX51an:beSgJLDOQD6MV91/3/yRbNBqWUBLKVYC

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks