Overview

overview

10

Static

static

1

SendBugReportNew.exe

windows7-x64

10

SendBugReportNew.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0x000500000001957d-96.rar

  • Size

    2.5MB

  • Sample

    240721-q1ntcssfje

  • MD5

    282bfbd393afff8e73005608ccd512fd

  • SHA1

    5b6bce3faa19b64a201e0e39df20b900f5f58eed

  • SHA256

    6f1b18b8394b2f18330321144f092b0a36e57938dc90e6161f285dfc63f12b6a

  • SHA512

    866a898fa99692c3f8f5f9e0d745fbdfa67ffd1287633ec4b0017e8b0ec4e8c2325ea63c1af162f9daa23462d9bf362822e815b63537a0b46a66c36877e04069

  • SSDEEP

    49152:FEa1COSIybjxYviT8FMB3bzC3aa7xKUQ0JM6xEuk6aR+80//YMYNyEjFU2WjLrf:jdybjoiT8FMB3EN7euk6g10HIyeFKnr

Score
10/10
sectopratratspywaretrojan

Malware Config

Targets

    • Target

      SendBugReportNew.exe

    • Size

      1.3MB

    • MD5

      58717509c1521eacfcc7cda39e6bd45c

    • SHA1

      5102dc3a82e8a2710ac67521f85f43f5296b5045

    • SHA256

      d76d0650b630fdb70756a446e0a43672b5da1c2a74014118b02133923305da9a

    • SHA512

      c637c2960b8a0bc111b408af05a0879d9a10f05d802ee7b8b9f115cb54606f76f4475375cecfa9fdb0518be0340b2c5bd23f8fe100dc21db88287a9227c0e69f

    • SSDEEP

      24576:NpzWZ5CkBgB9IxAr7BptfYfG1inqCi2BZbqvWmAUlddWdBMTvNisj273HY:85CkyBbr7vbgHi2HAYwT1H274

    Score
    10/10
    sectopratratspywaretrojan

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks