General
-
Target
v6.2.01.exe
-
Size
6.3MB
-
Sample
241003-j951nstepn
-
MD5
1e396d6c94cb42792e209b8e2e1948f6
-
SHA1
59c1dc22d6636b58796d2ad5ef84a4471b372f09
-
SHA256
9ef0b7351873989dde1b4bf5e244c617b92bb904152ac1d55a4a1fd93b732d05
-
SHA512
34edf247c08a0472aec2ca00f464487a32733dee35f1fa85f024dda3ce17104ab35c6b5e414f69399bfc2fe6a8d0f5262c771b55f01a7a8057b59c8580f22a4c
-
SSDEEP
98304:fW6YrekvPN3f4lCEHfM3q6eH6Yec7p0qCV2/QfBEqSc69:O6YrekRf4RfM3qGYfk2/bq
Static task
static1
Behavioral task
behavioral1
Sample
v6.2.01.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
v6.2.01.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
v6.2.01.exe
-
Score
10/10
-
SectopRAT payload
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-