fatalrat | 182fedf45c50a7af4483fc563fc8b6c5accdebd1a4c1df85263455c26c10ea93 | Triage

Submit
Reports

Overview

overview

Static

static

3

182fedf45c...93.exe

windows10-2004-x64

Sharing

General

Target

182fedf45c50a7af4483fc563fc8b6c5accdebd1a4c1df85263455c26c10ea93
Size

292KB
Sample

250404-lezlhswm18
MD5

9d8e7ba5a4c06db0079339fbd19bd193
SHA1

b2d5f67fa3ba2f290c2d897914fac5ca2c1a2967
SHA256

182fedf45c50a7af4483fc563fc8b6c5accdebd1a4c1df85263455c26c10ea93
SHA512

d862b2836c028c2e60045b9e668e7c7adf20ac5f2124df3ebe17fcf952636ef920422a4c8d59bf59e442183739220726aede3fe1fe519106a1f066d40976b3f6
SSDEEP

3072:Z1ltd5LZseWDzoPZ6WS6BLfvgaSlpcD+05fssdMXe0d9lypF/vXDfIS4CD3asgPW:/SzkPDNGEfx2Xd+n7IS43sgR7iC0Hl5t

Score

10^/10

fatalrat discovery infostealer persistence rat stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

182fedf45c50a7af4483fc563fc8b6c5accdebd1a4c1df85263455c26c10ea93.exe

Resource

win10v2004-20250314-en

fatalrat discovery infostealer persistence rat stealer trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  182fedf45c50a7af4483fc563fc8b6c5accdebd1a4c1df85263455c26c10ea93
- Size
  
  292KB
- MD5
  
  9d8e7ba5a4c06db0079339fbd19bd193
- SHA1
  
  b2d5f67fa3ba2f290c2d897914fac5ca2c1a2967
- SHA256
  
  182fedf45c50a7af4483fc563fc8b6c5accdebd1a4c1df85263455c26c10ea93
- SHA512
  
  d862b2836c028c2e60045b9e668e7c7adf20ac5f2124df3ebe17fcf952636ef920422a4c8d59bf59e442183739220726aede3fe1fe519106a1f066d40976b3f6
- SSDEEP
  
  3072:Z1ltd5LZseWDzoPZ6WS6BLfvgaSlpcD+05fssdMXe0d9lypF/vXDfIS4CD3asgPW:/SzkPDNGEfx2Xd+n7IS43sgR7iC0Hl5t
Score

10^/10

fatalrat discovery infostealer persistence rat stealer trojan
- Fatal Rat payload
  rat infostealer
- FatalRat
  FatalRat is a modular infostealer family written in C++ first appearing in June 2021.
  stealer trojan fatalrat
- Fatalrat family
  fatalrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

fatalratdiscoveryinfostealerpersistenceratstealertrojan

© 2018-2025

Terms | Privacy