General

  • Target

    Lisect_AVT_24003_G2A_100.exe

  • Size

    6.3MB

  • Sample

    240725-c9eedsxblb

  • MD5

    347e0f187d52f4abac877354dfd1539d

  • SHA1

    8f1e98efbfd1be61f1fd0f89787f014b19651ba4

  • SHA256

    4f21d26ddb7e2f75f05b09a9d0394a65bef18f6520c8d6b37eba9eedadfd7710

  • SHA512

    54ffc9911b8cca85e5208bfae4af69ded091b740e82b9ae8b92baf68575195191ed0ac6aa3f3be7f6fe79d831b2a2091dc3501e77db51134986dd2b40db90abc

  • SSDEEP

    98304:JrQvvKGZ6MulJ2LK4hulR7AWIsVk8QWG1qvoZKMRREaXbGqZAQifd64MNnSs17u:ZyvYXJ2q93VDGVRaQKQCI4MNS27

Targets

    • Target

      Lisect_AVT_24003_G2A_100.exe

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatal Rat payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
