Overview

overview

10

Static

static

3

MF.rar

windows7-x64

7

MF.rar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MF.rar

  • Size

    2.1MB

  • Sample

    240910-n6kyjsvclg

  • MD5

    eed0d2091538ec14cf4ab86b27a896de

  • SHA1

    5a9675ab6414bd8fa80ebb32d341059c4ee96513

  • SHA256

    1760d602c9fc8043652f0d965c8b4f8e9810c21b9e3d85b38e5094d5d6a2843e

  • SHA512

    fd853c4185100a2dd4c59238308385622aeb61d422c484989b857b6dafcbd723a761c1dde77903360f998523861120ed7248db549b58f376867cf1ffe94d4951

  • SSDEEP

    49152:HtGkOOocZy+ymNHJ24Naai+DUqJ4RjZpdrDiBf61ieean7n:NGkOOocZy+ymhNaaCY4rphGBfaBn

Score
10/10
fatalratdiscoveryinfostealerrat

Malware Config

Targets

    • Target

      MF.rar

    • Size

      2.1MB

    • MD5

      eed0d2091538ec14cf4ab86b27a896de

    • SHA1

      5a9675ab6414bd8fa80ebb32d341059c4ee96513

    • SHA256

      1760d602c9fc8043652f0d965c8b4f8e9810c21b9e3d85b38e5094d5d6a2843e

    • SHA512

      fd853c4185100a2dd4c59238308385622aeb61d422c484989b857b6dafcbd723a761c1dde77903360f998523861120ed7248db549b58f376867cf1ffe94d4951

    • SSDEEP

      49152:HtGkOOocZy+ymNHJ24Naai+DUqJ4RjZpdrDiBf61ieean7n:NGkOOocZy+ymhNaaCY4rphGBfaBn

    Score
    10/10
    discoveryfatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks