sectoprat | c479a0439f849bb2b093fc02b3beb42e7bc407aeca3828344b591ecc8045b684 | Triage

Submit
Reports

Overview

overview

Static

static

2799f95e13...b5.exe

windows7-x64

2799f95e13...b5.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2799f95e13eda805a9ddd97278a9f8b5.exe
Size

474KB
Sample

230815-zq1jvafe7x
MD5

2799f95e13eda805a9ddd97278a9f8b5
SHA1

151943a4682a7ccbb0a7914ded3c3c32c602fb46
SHA256

c479a0439f849bb2b093fc02b3beb42e7bc407aeca3828344b591ecc8045b684
SHA512

26118fd8b824f7b3953ccd4b4b297b01e8b263fdc918f5564a759bf0b5e54f5c1d5faed04b777fc739e4017d72a930c6fd92e9d9895f54dc4715867bc6815b30
SSDEEP

6144:olBYO4yjEb17TcMz5/hQluj0oGWA9HowGD9kh0vIOnPxEXlz3432eA6ltZTOaoWU:GaO4Xb1740ZDw+vIc5EXlzBEltF

Score

10^/10

sectoprat rat spyware stealer trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2799f95e13eda805a9ddd97278a9f8b5.exe

Resource

win7-20230712-en

sectoprat rat spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2799f95e13eda805a9ddd97278a9f8b5.exe

Resource

win10v2004-20230703-en

sectoprat rat spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2799f95e13eda805a9ddd97278a9f8b5.exe
- Size
  
  474KB
- MD5
  
  2799f95e13eda805a9ddd97278a9f8b5
- SHA1
  
  151943a4682a7ccbb0a7914ded3c3c32c602fb46
- SHA256
  
  c479a0439f849bb2b093fc02b3beb42e7bc407aeca3828344b591ecc8045b684
- SHA512
  
  26118fd8b824f7b3953ccd4b4b297b01e8b263fdc918f5564a759bf0b5e54f5c1d5faed04b777fc739e4017d72a930c6fd92e9d9895f54dc4715867bc6815b30
- SSDEEP
  
  6144:olBYO4yjEb17TcMz5/hQluj0oGWA9HowGD9kh0vIOnPxEXlz3432eA6ltZTOaoWU:GaO4Xb1740ZDw+vIc5EXlzBEltF
Score

10^/10

sectoprat rat spyware stealer trojan
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sectopratratspywarestealertrojan

behavioral2

sectopratratspywarestealertrojan

© 2018-2025

Terms | Privacy