Overview

overview

10

Static

static

7

6ec246432a...26.exe

windows7-x64

10

6ec246432a...26.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ec246432a49088c2fb426fcec47447ca1ffb9a776b167acb4a9d1ef6b3ab026

  • Size

    397KB

  • Sample

    240926-lvxf4atbme

  • MD5

    b5b98cd5208774fcf2d9888d57a8d193

  • SHA1

    0029b311e2d64cc361153ef34fd34f9a835b40a9

  • SHA256

    6ec246432a49088c2fb426fcec47447ca1ffb9a776b167acb4a9d1ef6b3ab026

  • SHA512

    4a935aceb60abff425d2df170c9aeee9ea86ac730a686f10d493b5b7d7ba802a48935fd1eb7208f79bb94569a1e807ce96a9a44b75e52f7f6fc4f958751fc723

  • SSDEEP

    6144:YdIE/IurMwlZPTOmTua2uQl9DeQkqvyXMVqcSBIGNBrfSLkteA7:4/zn6maxuQl9DeQkqa8V8XNBrckcA

Score
10/10
fatalrataspackv2discoveryinfostealerratvmprotect

Malware Config

Targets

    • Target

      6ec246432a49088c2fb426fcec47447ca1ffb9a776b167acb4a9d1ef6b3ab026

    • Size

      397KB

    • MD5

      b5b98cd5208774fcf2d9888d57a8d193

    • SHA1

      0029b311e2d64cc361153ef34fd34f9a835b40a9

    • SHA256

      6ec246432a49088c2fb426fcec47447ca1ffb9a776b167acb4a9d1ef6b3ab026

    • SHA512

      4a935aceb60abff425d2df170c9aeee9ea86ac730a686f10d493b5b7d7ba802a48935fd1eb7208f79bb94569a1e807ce96a9a44b75e52f7f6fc4f958751fc723

    • SSDEEP

      6144:YdIE/IurMwlZPTOmTua2uQl9DeQkqvyXMVqcSBIGNBrfSLkteA7:4/zn6maxuQl9DeQkqa8V8XNBrckcA

    Score
    10/10
    fatalratdiscoveryinfostealerratvmprotect

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks