General

  • Target

    1ec6937382678017edbf744110b9f91310ccfeeef1aedc74546c4242bea0eb00

  • Size

    1.8MB

  • Sample

    240425-y1mkaseb3z

  • MD5

    a3fe624ce97d2b9ad474b851b146f2e3

  • SHA1

    a695465c9d91f89b20cda34969efd263b8243e37

  • SHA256

    1ec6937382678017edbf744110b9f91310ccfeeef1aedc74546c4242bea0eb00

  • SHA512

    a16ab917ffeb593d8ff3dc2003c6d021fbf49039af1273b211d8ab17268b9900555d1175e46d41a94fe4caaae549cc3256d854cf1d2db3eb39b1ecf6dbbbe04f

  • SSDEEP

    24576:FjuMpdpEaAYopD/27Ul2afYc+6Mgy3m3dakJgVD/qTn7XmneC6Z85jurET+Gs:FXdLfopD83awXTgy3oJHTn7mEZPEHs

Score
10/10

Targets

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext
