fatalrat | 1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd | Triage

Submit
Reports

Overview

overview

Static

static

3

1e2c7051eb...fd.exe

windows7-x64

1e2c7051eb...fd.exe

windows10-2004-x64

Sharing

General

Target

1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd
Size

192KB
Sample

240525-zk7qzaad38
MD5

d36233c1d0112b5873847cb53efe21e7
SHA1

0ebae8d57e424549a0ae40fca75db0c86aaef779
SHA256

1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd
SHA512

e88a4ccb24ea8ad69dc996c261d9ea24877888de1804ad5cc5d99ef7c72d5727d21b7481ac8d40472f4970c8916bf8f346c07cbacb4f48ec5fd03f73bfb001da
SSDEEP

3072:T1ltd5LZseWDzoPZ6WS6BLfvgaSlpcD+05f:NSzkPDNGEf

Score

10^/10

fatalrat infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd.exe

Resource

win7-20240221-en

fatalrat infostealer rat

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd.exe

Resource

win10v2004-20240426-en

fatalrat infostealer rat

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd
- Size
  
  192KB
- MD5
  
  d36233c1d0112b5873847cb53efe21e7
- SHA1
  
  0ebae8d57e424549a0ae40fca75db0c86aaef779
- SHA256
  
  1e2c7051ebeb72a3a6d0c187c61c2c56f6e95eef914baeb166bc7b0b13d889fd
- SHA512
  
  e88a4ccb24ea8ad69dc996c261d9ea24877888de1804ad5cc5d99ef7c72d5727d21b7481ac8d40472f4970c8916bf8f346c07cbacb4f48ec5fd03f73bfb001da
- SSDEEP
  
  3072:T1ltd5LZseWDzoPZ6WS6BLfvgaSlpcD+05f:NSzkPDNGEf
Score

10^/10

fatalrat infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalratinfostealerrat

behavioral2

fatalratinfostealerrat

© 2018-2024

Terms | Privacy