General

  • Target

    756667b99c18e6c13fdc86d30868e90581b53dab4230daaba2b8261a0f4ece0f

  • Size

    713KB

  • Sample

    240913-xpvk4ashqq

  • MD5

    0b7df39ea0e4d0a980ff69d34c6255cc

  • SHA1

    fdda6465d415b9e146f55480a0831166c8a2e234

  • SHA256

    756667b99c18e6c13fdc86d30868e90581b53dab4230daaba2b8261a0f4ece0f

  • SHA512

    ca2d86eb519bf346c00499bf5788bc499fae23519492f32914531ec03f8c66253fa9195224206d0ad95ab7d0347c1e5e33fa35196f46064efd49aee247c67ad8

  • SSDEEP

    6144:qcNrqbprPopMFVJnsdPq0TYU4bWmb8pRYp9HtfqQnHlETCf/MiO7OhQPdVw1iied:qcNGPlnsdPhTYUDvU9nHWTFPdxJVQX

Targets

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

    • Fatal Rat payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
