sectoprat | a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284 | Triage

Submit
Reports

Overview

overview

Static

static

3

a0c867e776...84.exe

windows7-x64

a0c867e776...84.exe

windows10-2004-x64

Sharing

General

Target

a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284.exe
Size

4.0MB
Sample

250120-e7ryta1pbt
MD5

edba5529bd552054f5409496f1d1782d
SHA1

c99315b1eae4e8b409d78022a583459540f3bf1a
SHA256

a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284
SHA512

df17280eeb911057377b809c4deaeced97fa1dd1165a80c3fadb83ece22905585c41b29acc9e90a3eccdcbd6e3fcfa0c30afd87a6cb3724f49290f6a52a12326
SSDEEP

98304:cKaAh0104NS7FGwCh1CTLBMtMeUjafSUYGzRodJ8opxQ9S:vlaf4XCbCTLBgMeUTYROJ8An

Score

10^/10

sectoprat discovery rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284.exe

Resource

win7-20240903-en

sectoprat discovery rat trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284.exe

Resource

win10v2004-20241007-en

sectoprat discovery rat trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284.exe
- Size
  
  4.0MB
- MD5
  
  edba5529bd552054f5409496f1d1782d
- SHA1
  
  c99315b1eae4e8b409d78022a583459540f3bf1a
- SHA256
  
  a0c867e776121ce5889f99fcd5dd3006c1c86a343a58256a9a536d116615e284
- SHA512
  
  df17280eeb911057377b809c4deaeced97fa1dd1165a80c3fadb83ece22905585c41b29acc9e90a3eccdcbd6e3fcfa0c30afd87a6cb3724f49290f6a52a12326
- SSDEEP
  
  98304:cKaAh0104NS7FGwCh1CTLBMtMeUjafSUYGzRodJ8opxQ9S:vlaf4XCbCTLBgMeUTYROJ8An
Score

10^/10

sectoprat discovery rat trojan
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
- Sectoprat family
  sectoprat
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

sectopratdiscoveryrattrojan

behavioral2

sectopratdiscoveryrattrojan

© 2018-2025

Terms | Privacy