General

  • Target

    5bbc85745b1af1a54c01269b36a862aa

  • Size

    2.1MB

  • Sample

    240115-bhbzhseddq

  • MD5

    5bbc85745b1af1a54c01269b36a862aa

  • SHA1

    e7280ed4a313a76822cd0cdc7584165705119ab9

  • SHA256

    5023954c17841ad076ba525cb75a8e326ea6192d5f7d71dba3b3ca44bb042081

  • SHA512

    2fe8b71706efd40915cb90771bb0bae4de124fac4f1e121b873379e5dfef043763e61e8ada1f6d9339f3921d29d9d20e932cb934182cffcab2d136396eb393d9

  • SSDEEP

    49152:Wt4FS6Wv6o9nZeE3H7N7OhgcdJCLr+7E97cn3vul39RA:Wtx6WvJDXhUHdJ0qE+3x

Score
10/10

Targets

    • Target

      5bbc85745b1af1a54c01269b36a862aa

    • Size

      2.1MB

    Score
    10/10
    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Suspicious use of NtSetInformationThreadHideFromDebugger
