Overview

overview

10

Static

static

10

a996e4c18a...fd.dll

windows7-x64

3

a996e4c18a...fd.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    250307-n6hhesvkwz_pw_infected.zip

  • Size

    56KB

  • MD5

    3c74836383b60b35f14b96e5cd9a7907

  • SHA1

    6897bcd06aed28504ceac7523f84b1661a19cedc

  • SHA256

    23defe413fbe2444aa1254c91c86b49e58d30d37782869afd5f306311236475a

  • SHA512

    5124aaf0543dca133aa5d211f51feb50dfdf96871ac5b9dde103a8f6e93e3a4107f95eeda10bce27af1ee83c0ea95765f99f77dc84b3fc50fef98965a70522b6

  • SSDEEP

    1536:6EDp/8efXOCMQVxM0UYGb71rGXzcdnglAR6MFQ83I5sIgCGHWv:TDd8efeCMQBUYGPFacJglARDa83I5Qw

Score
10/10
ratinfostealerfatalrat

Malware Config

Extracted

Family

fatalrat

C2

45.195.148.58

Signatures

  • Fatal Rat payload 1 IoCs
    ratinfostealer
  • Fatalrat family
    fatalrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 250307-n6hhesvkwz_pw_infected.zip
    .zip

    Password: infected

  • a996e4c18ae4c4563db0767cb230b24279daeb3f62ee62b061d2ee076d81bdfd
    .dll windows:4 windows x86 arch:x86

    Password: infected

    15ff780ad959cc7132e95a50ed9bfe0e


    Headers

    Imports

    Exports

    Sections