fatalrat

General

Target

c7ab94056718540056db30adea4e36cb7f7ede270006d90676dd1cdd9af2a17fN.exe
Size

1.1MB
Sample

241216-nwwx3ayqcx
MD5

33392cca2d55ac4c197a4b60ccb3faa0
SHA1

99e330906d632d1b78fd58246b8421a9ca29abfa
SHA256

c7ab94056718540056db30adea4e36cb7f7ede270006d90676dd1cdd9af2a17f
SHA512

be64dccd42ec19e9b38352165d1970465c391458147d3513ed6493b76a55e8012fcc9814ee3046017bec161994a7e45520f9ce65aa2c3b63610853594ff8349b
SSDEEP

24576:8HojlSSKXUne4vmOmU8tpJKI12CiwGo8YyvmWP61TkP6hE:8H0lSSKX+XvnG/1EPDBvmWPhP4E

Score

10^/10

Malware Config

Targets

- Target
  
  c7ab94056718540056db30adea4e36cb7f7ede270006d90676dd1cdd9af2a17fN.exe
- Size
  
  1.1MB
- MD5
  
  33392cca2d55ac4c197a4b60ccb3faa0
- SHA1
  
  99e330906d632d1b78fd58246b8421a9ca29abfa
- SHA256
  
  c7ab94056718540056db30adea4e36cb7f7ede270006d90676dd1cdd9af2a17f
- SHA512
  
  be64dccd42ec19e9b38352165d1970465c391458147d3513ed6493b76a55e8012fcc9814ee3046017bec161994a7e45520f9ce65aa2c3b63610853594ff8349b
- SSDEEP
  
  24576:8HojlSSKXUne4vmOmU8tpJKI12CiwGo8YyvmWP61TkP6hE:8H0lSSKX+XvnG/1EPDBvmWPhP4E
Score

10^/10

fatalrat discovery infostealer rat
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  infostealer rat fatalrat
- Fatalrat family
  fatalrat
- Fatal Rat payload
  rat infostealer
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

3

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Fatalrat family

Fatal Rat payload

Checks BIOS information in registry

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2