Overview

overview

10

Static

static

1

pica.exe

windows7-x64

10

pica.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    275d3ee9353b7a6061c2fc0582d0a9b209ef04c761668224ca7bf63483f9521f

  • Size

    2.2MB

  • Sample

    250217-t4t2bs1px9

  • MD5

    86eb7ac6ee390aa1c07d4bc780b42a8f

  • SHA1

    6851be7b2ddc1311a9b3001676c90d9cdce843f9

  • SHA256

    275d3ee9353b7a6061c2fc0582d0a9b209ef04c761668224ca7bf63483f9521f

  • SHA512

    636050ba9e601fb1122430f05a1976bc2f4851bb15aeb79d6529ab5353e4b4754c5f0f4cb9a5cdc594cdd59a131b915ded304b2db4c23bd8b19080bae34471cc

  • SSDEEP

    49152:4z4ssKKlbM+3P+CWo616eRoqFV3UVGb5N6jLliLBJoaSX32:4bKy+3GC6dRHFZfbXSa62

Score
10/10
sectopratdiscoveryratspywaretrojan

Malware Config

Targets

    • Target

      pica.exe

    • Size

      40.0MB

    • MD5

      30ad2c460bec3cec4078de57849e76c8

    • SHA1

      86455b67f56495bbb5efa2bf19b4824c77e432b4

    • SHA256

      aabac842ff753a562b44874af5a849db7df6c1d79678c2c5e746aa3c9ade35c3

    • SHA512

      e873e4b2d7ca5df411efa2e3a13159387ad419050bf6d64e0a8151763aeb725446df3713deed736990693e916166093b05a6d74371d6516356feb169df854910

    • SSDEEP

      98304:rRq0X6DOzl4pysJwWVNUK1oiUf4EdbldN+VNQo:bXoysJwWXUKa4EvdmQo

    Score
    10/10
    sectopratdiscoveryratspywaretrojan

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Downloads MZ/PE file

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks