Behavioral task
behavioral1
Sample
5cb3ab7507474cb16223f03f56c7fb773456d7f40fe32dc8062bdcb972dd7ef7.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5cb3ab7507474cb16223f03f56c7fb773456d7f40fe32dc8062bdcb972dd7ef7.exe
Resource
win10v2004-20241007-en
General
Target
5cb3ab7507474cb16223f03f56c7fb773456d7f40fe32dc8062bdcb972dd7ef7
Size
797KB
MD5
09afce20ac058ca516a2d99e20859c9a
SHA1
4d83532c0c0d6da05f7319afd12b9984fec50f19
SHA256
5cb3ab7507474cb16223f03f56c7fb773456d7f40fe32dc8062bdcb972dd7ef7
SHA512
c6183dbe4d9966e22e36bfa90163430d8cf05c777793defa600c13c7a8257247181b7103267602debe602a4c7141dc47fa4f4db5bf7f017f3cecbfa26833b0b5
SSDEEP
12288:BeusUXF+5K9+52kEVdvK6QR2TAOKD04D8+S07LgvuzxwpitVI8ZA/z11rzUeGzGE:UPk/V1WaAOKDNghO5YC
Malware Config
Signatures
SectopRAT payload 1 IoCs
resource yara_rule sample family_sectoprat -
Sectoprat family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5cb3ab7507474cb16223f03f56c7fb773456d7f40fe32dc8062bdcb972dd7ef7
Files
5cb3ab7507474cb16223f03f56c7fb773456d7f40fe32dc8062bdcb972dd7ef7.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 3760.3MB - Virtual size: 765KB
IMAGE_SCN_MEM_EXECUTE
.rsrc Size: 3KB - Virtual size:
IMAGE_SCN_MEM_READ
.relo Size: 3KB - Virtual size: 192.0MB
IMAGE_SCN_MEM_READ