General

  • Target

    Microsoft.rar

  • Size

    2.5MB

  • Sample

    240728-rbf8nashkh

  • MD5

    7dff176fe56e15ba87f208abecae8b98

  • SHA1

    a5a09bd8c7b40240d5f0c6e2e35d1df9a3333381

  • SHA256

    ba98c5ad908ec2e49372b7062584da5050de8da03966a971553bb804124710f3

  • SHA512

    210c904c7352f92fa5d48f1c938fa65b41a7f1aa336855715af6a2b8f402ef44e34fe17e8ad4d82c13081f5b75aabc120e95454e94d9861903542d8f0cc19157

  • SSDEEP

    49152:0++yRVOLad+kYvrd4YA9uHfDw2BlNyXlUqJ4RjZpdlDiBf61ieean92:v+yRQLa8kYv49iDvBlIeY4rpfGBfaf2

Targets

    • Target

      Microsoft/MF/thelper.exe

    • Size

      226KB

    • MD5

      ffbed32e4009acd7fadcaa4bf1bdd898

    • SHA1

      7485fcf366f7b3e61afc02130f296e0016d342c3

    • SHA256

      79b496701e7a68dea3406f01b81e4d05fa484597a5a711889875f1cfb743822a

    • SHA512

      320006a900494d77c82013a683b6300f7d578b0a9c6a1597af1a2ba877f61eb546ee85a5e2b640b5944b36f4c8e27ca75e77744e6eb087f51bba2dc64e4cc29f

    • SSDEEP

      6144:YVjUqyblKOrj8xp2UTakqtkJ9qqD/l6DLxYOnHwjiY3DmzhIaZUNah:Sj7ywi8xJTaP4Aqrl6JpYTUh5ZUi

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatal Rat payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
