fatalrat | c9acf95beda28648ae089190cc72ae88e4ccccd50d59e06740714fbbfc16f432 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-09-04...ia.exe

windows7-x64

7

2024-09-04...ia.exe

windows10-2004-x64

Sharing

General

Target

2024-09-04_f42c665fe99295ac8f4936d8488487f3_mafia
Size

3.3MB
Sample

240904-a9a1vsshld
MD5

f42c665fe99295ac8f4936d8488487f3
SHA1

0f674cacdf78311e8f310d06b1c89869592e880f
SHA256

c9acf95beda28648ae089190cc72ae88e4ccccd50d59e06740714fbbfc16f432
SHA512

b8014dbf8944105f40491f05d39a8d2077b6d740d15917f797435230a03dceda22e0981de67d7e7500a050fadf1bd8405434606a35403755a5276e0c092206db
SSDEEP

98304:eeSgJLDOQD6MV91/3/yRbNBqWUBLKVYqbS66puB:F9D1XaRBBqWUcbS66pu

Score

10^/10

fatalrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-09-04_f42c665fe99295ac8f4936d8488487f3_mafia.exe

Resource

win7-20240903-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-09-04_f42c665fe99295ac8f4936d8488487f3_mafia.exe

Resource

win10v2004-20240802-en

fatalrat discovery infostealer rat

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-09-04_f42c665fe99295ac8f4936d8488487f3_mafia
- Size
  
  3.3MB
- MD5
  
  f42c665fe99295ac8f4936d8488487f3
- SHA1
  
  0f674cacdf78311e8f310d06b1c89869592e880f
- SHA256
  
  c9acf95beda28648ae089190cc72ae88e4ccccd50d59e06740714fbbfc16f432
- SHA512
  
  b8014dbf8944105f40491f05d39a8d2077b6d740d15917f797435230a03dceda22e0981de67d7e7500a050fadf1bd8405434606a35403755a5276e0c092206db
- SSDEEP
  
  98304:eeSgJLDOQD6MV91/3/yRbNBqWUBLKVYqbS66puB:F9D1XaRBBqWUcbS66pu
Score

10^/10

discovery fatalrat infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatal Rat payload
  rat infostealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

fatalratdiscoveryinfostealerrat

© 2018-2024

Terms | Privacy