Overview

overview

10

Static

static

1

malware.ps1

windows10-2004-x64

10

Resubmissions

18-11-2024 18:55

241118-xks7gatbnn 10

04-08-2023 13:35

230804-qvv1gsba87 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware.ps1.ps1

  • Size

    632KB

  • Sample

    241118-xks7gatbnn

  • MD5

    b51ce03f581892df4518a19c36819d32

  • SHA1

    b16fd35868ee3381d04c8c8ec7a5cec2be7f7fd5

  • SHA256

    64fa05b0833add3f4c0a7b92c758cddc707ac15c029b86735b4135ee272d72bf

  • SHA512

    ea3c087ab4b219251273106e665d4d7157959ff33d0c473aa4e41848ee3a5011a8d924d97abbb2a098fbdb0d801183c4b92e7b3472f17a0dbd21063a7526f644

  • SSDEEP

    12288:FyC892ilTl8aEE+DV2M3GQCsU43yKDGX9xL/xxMjypoMrCm042ruD:FyC8924WaEFDIsTCKD2zxxMxM2m0hr0

Score
10/10
sectopratexecutionrattrojan

Malware Config

Targets

    • Target

      malware.ps1.ps1

    • Size

      632KB

    • MD5

      b51ce03f581892df4518a19c36819d32

    • SHA1

      b16fd35868ee3381d04c8c8ec7a5cec2be7f7fd5

    • SHA256

      64fa05b0833add3f4c0a7b92c758cddc707ac15c029b86735b4135ee272d72bf

    • SHA512

      ea3c087ab4b219251273106e665d4d7157959ff33d0c473aa4e41848ee3a5011a8d924d97abbb2a098fbdb0d801183c4b92e7b3472f17a0dbd21063a7526f644

    • SSDEEP

      12288:FyC892ilTl8aEE+DV2M3GQCsU43yKDGX9xL/xxMjypoMrCm042ruD:FyC8924WaEFDIsTCKD2zxxMxM2m0hr0

    Score
    10/10
    sectopratexecutionrattrojan

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Blocklisted process makes network request

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks