Overview

overview

10

Static

static

10

bluefin.exe

windows7-x64

10

bluefin.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bluefin.exe

  • Size

    768KB

  • Sample

    240614-twl1rasakq

  • MD5

    fe96d6f96b4ce1178c478216afc11f31

  • SHA1

    d5dc8e1982695015e90254534f16d2b3663d120c

  • SHA256

    7808f3aea222cdbec2e53b126f46195f4523e9501882b94e0cd42e30f8484f32

  • SHA512

    da8ec729601722a62fde92680f276d8b7a68217437769c738908026fa58be7b5b897c910b4bd0198c941437116f5befe160677b90e86feb4f2e231d4939b923b

  • SSDEEP

    12288:zvsXZv8km0OHcbGbvzWHz0HnquwTl+U0ssFWylkkoAbtEJKwfNqbYS2VbICKMIUe:MfPz0HI0U0ssFlSj0hl

Score
10/10
sectopratrattrojan

Malware Config

Targets

    • Target

      bluefin.exe

    • Size

      768KB

    • MD5

      fe96d6f96b4ce1178c478216afc11f31

    • SHA1

      d5dc8e1982695015e90254534f16d2b3663d120c

    • SHA256

      7808f3aea222cdbec2e53b126f46195f4523e9501882b94e0cd42e30f8484f32

    • SHA512

      da8ec729601722a62fde92680f276d8b7a68217437769c738908026fa58be7b5b897c910b4bd0198c941437116f5befe160677b90e86feb4f2e231d4939b923b

    • SSDEEP

      12288:zvsXZv8km0OHcbGbvzWHz0HnquwTl+U0ssFWylkkoAbtEJKwfNqbYS2VbICKMIUe:MfPz0HI0U0ssFlSj0hl

    Score
    10/10
    sectopratrattrojan

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks