General
-
Target
4ff41d9b16384fb388eaf0d8dc5142dc65f209fd779f407fd0dfe0df286812d2.exe
-
Size
767KB
-
Sample
240430-bqbnqage8x
-
MD5
2d8c1cae9f4d8aeb07e4780ab7c21297
-
SHA1
711521bd838deb1aac2d2abd72f8ed899fc0cca3
-
SHA256
4ff41d9b16384fb388eaf0d8dc5142dc65f209fd779f407fd0dfe0df286812d2
-
SHA512
f533b2ef4c5b61c8b30b3bf1b69bdca01b122ad26461b8e1aa5f78a03faea89c883c23a7779e25d6d6b4f01ea4141838724a24e715d41e5b5323902cb02a2e56
-
SSDEEP
12288:aiMA0ejRLfxLY8flLb1MgX6WbkAsFWylkkoAbtESP4srX:qeDxttL66kAsFlSj4
Behavioral task
behavioral1
Sample
4ff41d9b16384fb388eaf0d8dc5142dc65f209fd779f407fd0dfe0df286812d2.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
4ff41d9b16384fb388eaf0d8dc5142dc65f209fd779f407fd0dfe0df286812d2.exe
-
Size
767KB
-
MD5
2d8c1cae9f4d8aeb07e4780ab7c21297
-
SHA1
711521bd838deb1aac2d2abd72f8ed899fc0cca3
-
SHA256
4ff41d9b16384fb388eaf0d8dc5142dc65f209fd779f407fd0dfe0df286812d2
-
SHA512
f533b2ef4c5b61c8b30b3bf1b69bdca01b122ad26461b8e1aa5f78a03faea89c883c23a7779e25d6d6b4f01ea4141838724a24e715d41e5b5323902cb02a2e56
-
SSDEEP
12288:aiMA0ejRLfxLY8flLb1MgX6WbkAsFWylkkoAbtESP4srX:qeDxttL66kAsFlSj4
-
SectopRAT payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-