sectoprat | 24972cecda20154015c31f4a8820764cbfa958d2968ab2b4a7c9e3e43510b888 | Triage

Submit
Reports

Overview

overview

Static

static

78ea47b51e...3f.exe

windows7_x64

78ea47b51e...3f.exe

windows10-2004_x64

Sharing

General

Target

78ea47b51ee8f1ae3dc5b98e56c43d3f.exe
Size

1.0MB
Sample

220627-kta12aaaal
MD5

78ea47b51ee8f1ae3dc5b98e56c43d3f
SHA1

99e64c6a730642430ef80215393adbfba11122b6
SHA256

24972cecda20154015c31f4a8820764cbfa958d2968ab2b4a7c9e3e43510b888
SHA512

7a773021c6c02e5905ff1e3e99b3fb6cbfd5b6617ff831aea5b4cdf416e3d044e55895a5bf1e6fe5da3e3d6272fa82f7b88aaf592d6d61d94477e927a65fb19b

Score

10^/10

sectoprat evasion rat suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

78ea47b51ee8f1ae3dc5b98e56c43d3f.exe

Resource

win7-20220414-en

sectoprat evasion rat suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

78ea47b51ee8f1ae3dc5b98e56c43d3f.exe

Resource

win10v2004-20220414-en

sectoprat rat trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  78ea47b51ee8f1ae3dc5b98e56c43d3f.exe
- Size
  
  1.0MB
- MD5
  
  78ea47b51ee8f1ae3dc5b98e56c43d3f
- SHA1
  
  99e64c6a730642430ef80215393adbfba11122b6
- SHA256
  
  24972cecda20154015c31f4a8820764cbfa958d2968ab2b4a7c9e3e43510b888
- SHA512
  
  7a773021c6c02e5905ff1e3e99b3fb6cbfd5b6617ff831aea5b4cdf416e3d044e55895a5bf1e6fe5da3e3d6272fa82f7b88aaf592d6d61d94477e927a65fb19b
Score

10^/10

sectoprat evasion rat suricata trojan
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT Payload
- UAC bypass
  evasion trojan
- suricata: ET MALWARE Arechclient2 Backdoor CnC Init
  suricata: ET MALWARE Arechclient2 Backdoor CnC Init
  suricata
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

sectopratevasionratsuricatatrojan

behavioral2

sectopratrattrojan

© 2018-2024

Terms | Privacy