fatalrat | ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2 | Triage

Submit
Reports

Overview

overview

Static

static

3

ca210e0689...a2.exe

windows7-x64

ca210e0689...a2.exe

windows10-2004-x64

Sharing

General

Target

ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2
Size

6.1MB
Sample

241211-g4e6ys1jex
MD5

052072ffc4f8449345ceea343fdee0a7
SHA1

c64f1e6fa8b7ebcbda234f4534fbf654b0a4850c
SHA256

ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2
SHA512

1703513639446cc7c72142571f3016032df27346c09b2da1a5b35e51b814f27e4f13599702338e884182f578eef7f32d90d165732238c45f26523a88f9737f97
SSDEEP

98304:AAymlFX/ZL1K4WIqBI4rpNBczHA65wtX5bBeNz26AG1jQiWHugB9:AAhlFRLchIqBfz82XN8N6OjQr

Score

10^/10

fatalrat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2.exe

Resource

win7-20240903-en

fatalrat discovery infostealer rat

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2.exe

Resource

win10v2004-20241007-en

fatalrat discovery infostealer rat

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2
- Size
  
  6.1MB
- MD5
  
  052072ffc4f8449345ceea343fdee0a7
- SHA1
  
  c64f1e6fa8b7ebcbda234f4534fbf654b0a4850c
- SHA256
  
  ca210e068987b172434c1b99cb6f5f56fba99b3bccf5ff4c4e8cd170c7b9a8a2
- SHA512
  
  1703513639446cc7c72142571f3016032df27346c09b2da1a5b35e51b814f27e4f13599702338e884182f578eef7f32d90d165732238c45f26523a88f9737f97
- SSDEEP
  
  98304:AAymlFX/ZL1K4WIqBI4rpNBczHA65wtX5bBeNz26AG1jQiWHugB9:AAhlFRLchIqBfz82XN8N6OjQr
Score

10^/10

fatalrat discovery infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatalrat family
  fatalrat
- Fatal Rat payload
  rat infostealer
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalratdiscoveryinfostealerrat

behavioral2

fatalratdiscoveryinfostealerrat

© 2018-2024

Terms | Privacy