Overview

overview

10

Static

static

3

Mind/borlndmm.dll

windows7-x64

3

Mind/borlndmm.dll

windows10-2004-x64

3

Mind/cc32290mt.dll

windows7-x64

3

Mind/cc32290mt.dll

windows10-2004-x64

3

Mind/content.exe

windows7-x64

10

Mind/content.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    daca202f3d10de0328c83f7a7f65344d51233fb18397a644f62139ce4d05903e.zip

  • Size

    12.0MB

  • Sample

    250218-jnrwxszn12

  • MD5

    ea695b529ab88d8e771bc5b944f8feb3

  • SHA1

    3f428066e909602c886f9e46ca6bda5107ddcbd7

  • SHA256

    daca202f3d10de0328c83f7a7f65344d51233fb18397a644f62139ce4d05903e

  • SHA512

    e23d0d58ab39752cc5d6d307c2c42d9c6731e2972d3f3ea37a194072db39c8e45844c862a8975788b8e6dacac212f16e29cea5536e93076c7a1aa35169192c18

  • SSDEEP

    393216:wGUgEI/9LfWhSojDy/ykbF3tY+qdvg0FYnRFUN4:/UpI/97WInzRdmFuFUe

Score
10/10
sectopratdiscoveryratspywaretrojan

Malware Config

Targets

    • Target

      Mind/borlndmm.dll

    • Size

      64KB

    • MD5

      0dffc47cf8ecbae9002b66dc5059aa88

    • SHA1

      858f0c79a186c51ac5dbad5939578ffa516a495b

    • SHA256

      de9b07d0e69bbda752162af4be0b2cf952597d1ec7cf5315cda1ca88e267bfc3

    • SHA512

      fc2a8ff135a3ed1c2dadf54045c8d24e1f438d2badadbe2a54c44b40f6480570f2af5c6c796e1d0d36900dec013bbfa9ff609e9530963b7b71c42b75a747039a

    • SSDEEP

      768:vcWcax8UO2GZL/VaEMOLnECPXMJDkuuAbE7XgMhfNNCfAmQpxDY24:vcH7QoLnP8JDkhAbiLfwut74

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      Mind/cc32290mt.dll

    • Size

      1.0MB

    • MD5

      9f481987d195c59039c9703e48d445be

    • SHA1

      ece21f652b034876c86da075010452fc6e37d463

    • SHA256

      ba296434ee777fbbfa2a2ec2713af3cf4e44ddc7d1ab58be847753af17da0fbd

    • SHA512

      000cddcb6c388d6ebf79c845be34711aafb3266bbbd35022deee5d83a774a643a00707a42139b1139a25d3c29734033958d25a1b08f378d4305dc788ce8b3b79

    • SSDEEP

      24576:RAOrBANpUIEBwDgc2Hwt4S+sLuJIGhwcY:6wANpUBwDgccwtV

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      Mind/content.exe

    • Size

      27.6MB

    • MD5

      950f3bebb7563ee8354b21ef9cbea4a2

    • SHA1

      7b520ff8bd1b552e3de00a38a87722f21dc1c9f4

    • SHA256

      8f4f53bc02348a549f3437444aacec43eae5f90875ea3c5ec96600ba1cb4a061

    • SHA512

      6aac49f02fcfc131634864684c59c82c51208ab3191eacfd28bd1e184a8d6583565e2a57701f55c283b7297f843d4bcdd07ed7db4fc212a7b1c153e7cc4486d5

    • SSDEEP

      393216:QM7KPSvINzNgF7kiPF7Ijs1vg+NLh3wBRoQWhKUzLkWEgC+24lRTSRAyGrR2FhHS:dGiPF+lvFNjXE9wpS

    Score
    10/10
    sectopratdiscoveryrattrojanspyware

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks