General
-
Target
f730660f20d767f006982c5ebb0461145bacd46a278754d713dbe51ca62793ab.exe.vir
-
Size
18.0MB
-
Sample
241116-qx8z5a1nhl
-
MD5
ef344baa9dd4568c67430b298412a83a
-
SHA1
abf64392658bdc45aff764f171de15dcc8705924
-
SHA256
f730660f20d767f006982c5ebb0461145bacd46a278754d713dbe51ca62793ab
-
SHA512
f5bd7060aa96b9afe12ed2e98104851c422f6a30ea0679b7254a340e7170d59b48930118ce4f27cfd1f0679790d3c6d2c3c2de4f2d741d707eef8ce965ceeaf6
-
SSDEEP
393216:pIQZSINDOkEk7uQcUIYYBFrrV/eaxfo8ujuiuky0eP18KZahKdkGx:6+pDO4uQcUc1rxeaxfo5uishPmRpGx
Behavioral task
behavioral1
Sample
f730660f20d767f006982c5ebb0461145bacd46a278754d713dbe51ca62793ab.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f730660f20d767f006982c5ebb0461145bacd46a278754d713dbe51ca62793ab.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
f730660f20d767f006982c5ebb0461145bacd46a278754d713dbe51ca62793ab.exe.vir
-
Size
18.0MB
-
MD5
ef344baa9dd4568c67430b298412a83a
-
SHA1
abf64392658bdc45aff764f171de15dcc8705924
-
SHA256
f730660f20d767f006982c5ebb0461145bacd46a278754d713dbe51ca62793ab
-
SHA512
f5bd7060aa96b9afe12ed2e98104851c422f6a30ea0679b7254a340e7170d59b48930118ce4f27cfd1f0679790d3c6d2c3c2de4f2d741d707eef8ce965ceeaf6
-
SSDEEP
393216:pIQZSINDOkEk7uQcUIYYBFrrV/eaxfo8ujuiuky0eP18KZahKdkGx:6+pDO4uQcUc1rxeaxfo5uishPmRpGx
-
FatalRat
FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
-
Fatalrat family
-
Gh0st RAT payload
-
Gh0strat family
-
Fatal Rat payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-