sectoprat | a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6 | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6
Size

414KB
Sample

240422-zldvaagb7z
MD5

52c28f353ec729be591d6c1c10f03f21
SHA1

3067357a993f0ba851cfcce39953245d1d69c78c
SHA256

a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6
SHA512

e2ff0628dc2603f5f33be82f4abf5cc81296d20bee674212132d14e2cc16a3863aa81cd5982d776a58122f46ed91b798965b4a1fbee9149cf005117506c71312
SSDEEP

6144:NaNt/d72DNnUJq82dyLMg4beAnnBV7i/2oor6O744r0tyRZ/ha:NaNKH8LL8Lu/MIc/ha

Score

10^/10

sectoprat stealc rat stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6.exe

Resource

win10v2004-20240412-en

sectoprat stealc rat stealer trojan

windows10-2004-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6.exe

Resource

win11-20240412-en

sectoprat stealc rat stealer trojan

windows11-21h2-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6
- Size
  
  414KB
- MD5
  
  52c28f353ec729be591d6c1c10f03f21
- SHA1
  
  3067357a993f0ba851cfcce39953245d1d69c78c
- SHA256
  
  a6371d2dcf5b1652aac0bd322d479581a136ee874bfea3b907c67be7422e1ca6
- SHA512
  
  e2ff0628dc2603f5f33be82f4abf5cc81296d20bee674212132d14e2cc16a3863aa81cd5982d776a58122f46ed91b798965b4a1fbee9149cf005117506c71312
- SSDEEP
  
  6144:NaNt/d72DNnUJq82dyLMg4beAnnBV7i/2oor6O744r0tyRZ/ha:NaNKH8LL8Lu/MIc/ha
Score

10^/10

sectoprat stealc rat stealer trojan
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sectopratstealcratstealertrojan

behavioral2

sectopratstealcratstealertrojan

© 2018-2025

Terms | Privacy