General
-
Target
6cb35e6d5e3dc675d2b2fac2e86012d3da4134b213169ef26481c4eb2f90845a.exe
-
Size
2.2MB
-
Sample
240606-bxrcradg6z
-
MD5
2e353132fb63ea9056c83d9e7e030abb
-
SHA1
122894bbcfe114fe28ce94da7dddb363581edc06
-
SHA256
6cb35e6d5e3dc675d2b2fac2e86012d3da4134b213169ef26481c4eb2f90845a
-
SHA512
116e4b2f7129de130237197c281c9238095f80f2af4a68bd617ec9d07c7de2f0580f273fd777214304da77dc856eb357d455d9c5996d14c166cecc66cc060183
-
SSDEEP
49152:kGMK7sPVFjY2nyZSNB4t48sUjbpcZ36kWT1r2+I6cMMyIks:rMK6FY2yZSg4RY+krNIFf
Static task
static1
Behavioral task
behavioral1
Sample
6cb35e6d5e3dc675d2b2fac2e86012d3da4134b213169ef26481c4eb2f90845a.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
6cb35e6d5e3dc675d2b2fac2e86012d3da4134b213169ef26481c4eb2f90845a.exe
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-