fatalrat | c7fc7b8e258d4838544c2b70f292e37d1e9a9ad6ae74c8d8bd167d9d2392f636 | Triage

Sharing

General

Target

trx40.zip
Size

724KB
Sample

250224-l7zrzswn17
MD5

9fe8374ef9dd40fcd0d697376a629174
SHA1

44dca31235363257c73f5ce997edf9a97cad79c8
SHA256

c7fc7b8e258d4838544c2b70f292e37d1e9a9ad6ae74c8d8bd167d9d2392f636
SHA512

28b9620c8c9b4245ff598cc142c1124f0b475bdbcb9b90d7575342c0bf7b3a0a9f82d949c88e2f0a8f7c1bc25d6369e6ad8ea11f5a31e75dbd570f49e0184a3f
SSDEEP

12288:Zsx7n5wNeVHAXdian/xRYtqk3edHqaPpYjEj2k5B9/RlsxXqlxfQJ1FUxyViMSsJ:Z47VqigItqkOdHqaBeE64B9Jlsx7JIcz

Score

10^/10

fatalrat discovery infostealer rat stealer trojan

Malware Config

Targets

- Target
  
  package/MaskDoc.hjkhkjhkjhg
- Size
  
  63KB
- MD5
  
  6dcc71ba39c9c398a1da7fc19f7aa838
- SHA1
  
  842793fb82f3baa7ff645e314ee2d33311a20b50
- SHA256
  
  c5699d2d486747254907bd61a57f2f3ffb143ef357d42147295d6ce52aef1a97
- SHA512
  
  a94f4f96e47a20362dd773517c89e792111a0563aa13ec1c9afc8ed60e1c31fd576f50707bb10c78360f95a8fd09021782aaad42bf5c8cb33f13d6b8ef519e30
- SSDEEP
  
  768:2LMx2GXnvoLan/vhZ97F6Zkkj6KED2KnSM6pG+VHYnPqi4R43Q+:2LMxfvomxnF6ZkNjS/G+CnPYot
Score

10^/10

fatalrat discovery infostealer rat stealer trojan
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  stealer trojan fatalrat
- Fatalrat family
  fatalrat
- Fatal Rat payload
  rat infostealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  package/PotPlayer.dll
- Size
  
  696KB
- MD5
  
  2d0bc28e3dddf732d7277ef4b7410d89
- SHA1
  
  b788799536b2ab14644265431e3566e2dbb90f9c
- SHA256
  
  90223b74b727514e30a46544d8c597547aded4ae457d6247ef8de37b4c926124
- SHA512
  
  b5e5086a076889d98d24da431521cf5cc6886b124f4937f102d4bda002cd25a185641a98c887a2265e73703bb55076f90f1562cfd76d4e81f8323aa437424448
- SSDEEP
  
  12288:oDl/UGNPEB+FoWbzy+7v0N7ZXy5FPYT5mZNlwz5zDG:oDl/UGNPEB+Fo+v0N7ZI65mZ
Score

3^/10

discovery
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalratdiscoveryinfostealerratstealertrojan

behavioral2

fatalratdiscoveryinfostealerratstealertrojan

behavioral3

behavioral4