sectoprat | 4fb4a431713d5129ae541c36f592406a7a1e18b6428c0ab936ac1bfed57e1c6f | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-06-23...uk.exe

windows7-x64

2024-06-23...uk.exe

windows10-2004-x64

Sharing

General

Target

2024-06-23_7800786ade50a094e2589ee7274ae655_ryuk
Size

1.9MB
Sample

240623-xsf7wayhnb
MD5

7800786ade50a094e2589ee7274ae655
SHA1

5c894b72ac27fd11b850cb712174f87942febbd3
SHA256

4fb4a431713d5129ae541c36f592406a7a1e18b6428c0ab936ac1bfed57e1c6f
SHA512

721d5c05147dc5035c7a087f2dec6090d61e9630764d4c2382f869280cca1aa72c66d44398fbe8e4c35e248de3d54672e5006b29f7ce8fc69c9e94a9c8552c68
SSDEEP

49152:YCmdk2RVaEVR20b7Ek6ilmR6UoUAsgxyQte2Bc9t:YCmOECu6qmYMoe2B

Score

10^/10

sectoprat rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-23_7800786ade50a094e2589ee7274ae655_ryuk.exe

Resource

win7-20231129-en

sectoprat rat trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-23_7800786ade50a094e2589ee7274ae655_ryuk.exe

Resource

win10v2004-20240508-en

sectoprat rat trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-23_7800786ade50a094e2589ee7274ae655_ryuk
- Size
  
  1.9MB
- MD5
  
  7800786ade50a094e2589ee7274ae655
- SHA1
  
  5c894b72ac27fd11b850cb712174f87942febbd3
- SHA256
  
  4fb4a431713d5129ae541c36f592406a7a1e18b6428c0ab936ac1bfed57e1c6f
- SHA512
  
  721d5c05147dc5035c7a087f2dec6090d61e9630764d4c2382f869280cca1aa72c66d44398fbe8e4c35e248de3d54672e5006b29f7ce8fc69c9e94a9c8552c68
- SSDEEP
  
  49152:YCmdk2RVaEVR20b7Ek6ilmR6UoUAsgxyQte2Bc9t:YCmOECu6qmYMoe2B
Score

10^/10

sectoprat rat trojan
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Detects Reflective DLL injection artifacts
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

sectopratrattrojan

behavioral2

sectopratrattrojan

© 2018-2024

Terms | Privacy