fatalrat | ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a | Triage

Submit
Reports

Overview

overview

Static

static

3

ddeee2e9a9...7a.exe

windows7-x64

ddeee2e9a9...7a.exe

windows10-2004-x64

Sharing

General

Target

ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a
Size

890KB
Sample

240828-qagblaygpd
MD5

73cecf8bb89e22975594bbe0e82b6434
SHA1

2857da994718d70df5f45ef07764765ec675f06c
SHA256

ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a
SHA512

0b1ea47b4f3a069ed4d236407992b4b5b3cf244a63d87390743172aa4f4d11e4eecd1414dd3627428ce8ec4d3ac815e5217cc20204762214a4b3e06aa4e630be
SSDEEP

12288:dj2X3IO2pAx+DG2AUQeDXk92wDGpcRbOda7MjW53CNTdpa1zUlqpM:dj2oO7t2bGNGpcRbOy53QTdpaDp

Score

10^/10

fatalrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a.exe

Resource

win7-20240705-en

fatalrat discovery infostealer rat

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a.exe

Resource

win10v2004-20240802-en

fatalrat discovery infostealer rat

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a
- Size
  
  890KB
- MD5
  
  73cecf8bb89e22975594bbe0e82b6434
- SHA1
  
  2857da994718d70df5f45ef07764765ec675f06c
- SHA256
  
  ddeee2e9a961d4ff12575175c679a4b749e4d33f30cd89ef5d8501652af5667a
- SHA512
  
  0b1ea47b4f3a069ed4d236407992b4b5b3cf244a63d87390743172aa4f4d11e4eecd1414dd3627428ce8ec4d3ac815e5217cc20204762214a4b3e06aa4e630be
- SSDEEP
  
  12288:dj2X3IO2pAx+DG2AUQeDXk92wDGpcRbOda7MjW53CNTdpa1zUlqpM:dj2oO7t2bGNGpcRbOy53QTdpaDp
Score

10^/10

fatalrat discovery infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalratdiscoveryinfostealerrat

behavioral2

fatalratdiscoveryinfostealerrat

© 2018-2024

Terms | Privacy