General

  • Target

    5fb5be5a6126a4dff32d4cd4eef5de69ba0437b981299351852436ffb2767872

  • Size

    4.0MB

  • Sample

    241128-gpleestqhm

  • MD5

    30905fc98f74229f7d97f7d8c69818fb

  • SHA1

    d53f3ee3bbab4c7942e9a17d9ced33da5985c6f1

  • SHA256

    5fb5be5a6126a4dff32d4cd4eef5de69ba0437b981299351852436ffb2767872

  • SHA512

    c1a59b97ba6fc3a81204b6d31182694764f6902a8f5be00660a49ee3af27992452b1a53ead3e7c29b9d3d2b0359cc8562765309994d2dc7a0b82bcff0390746d

  • SSDEEP

    98304:oOzxaWDVeVtvUFOhTZTAw2dTx2rbCvlYTYAk8CG4NcUnC4xYkJklzM:oOzxBJeTeelFBKh6CZNcbMY2klzM

Targets

    • Target

      名单助手m.exe

    • Size

      6.1MB

    • MD5

      204680a71afc51faa1408ffa2430c3f4

    • SHA1

      1ae73b74dd260cc0568ce9d07daddf904102beff

    • SHA256

      1bf9bdfaff5d065a120f44725ff2dbf8b20d731660168d02dbf89a4f9ee6d336

    • SHA512

      fb1cbd9db14b71722f40956f6ca1128082eac3726241ce15cd313e9391876ed71bd0c15a22a26158331c9bcb105b54fcbace55d4aa3791f72133f98ceebc6688

    • SSDEEP

      98304:1YYX5YQmdT8PRv0J0hx09BSpKki9jBGrisYdMLU9V09DsL2qEKqjb:eiby94pFKjBGr97eL

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatalrat family

    • Fatal Rat payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
