General
-
Target
077711078523a76d5060bc3db803f25abd1a3cab6fab8be272a1ca13dac0cdb0.exe
-
Size
768KB
-
Sample
241127-cg91la1maz
-
MD5
64e1b6067e76c04a4ccabfde6231299d
-
SHA1
933586387cf547bb71fc23976b44de4f77da77dc
-
SHA256
077711078523a76d5060bc3db803f25abd1a3cab6fab8be272a1ca13dac0cdb0
-
SHA512
53515c236021deb09bc79d269b205b3dcdffafb5b661bee49345c2c91a3b2d2902d0555c497ab45acb90a3f75be70127d168cf6ae6b1e6427f39b17d986a9c26
-
SSDEEP
12288:QvsXZv8km0OHcbGbvzWHz0Hnquwxe+60ssFWylkkoAbtEQPwfNqbYS2VbICKMIUI:DfPz0Hyn60ssFlSjqPF
Malware Config
Targets
-
-
Target
077711078523a76d5060bc3db803f25abd1a3cab6fab8be272a1ca13dac0cdb0.exe
-
Size
768KB
-
MD5
64e1b6067e76c04a4ccabfde6231299d
-
SHA1
933586387cf547bb71fc23976b44de4f77da77dc
-
SHA256
077711078523a76d5060bc3db803f25abd1a3cab6fab8be272a1ca13dac0cdb0
-
SHA512
53515c236021deb09bc79d269b205b3dcdffafb5b661bee49345c2c91a3b2d2902d0555c497ab45acb90a3f75be70127d168cf6ae6b1e6427f39b17d986a9c26
-
SSDEEP
12288:QvsXZv8km0OHcbGbvzWHz0Hnquwxe+60ssFWylkkoAbtEQPwfNqbYS2VbICKMIUI:DfPz0Hyn60ssFlSjqPF
Score10/10-
SectopRAT
SectopRAT is a remote access trojan first seen in November 2019.
-
SectopRAT payload
-
Sectoprat family
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-