SectopRAT Malware IOCs - II - SEC-1275-1
Tags
attack-pattern: Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001
Show in Graph
Common Information
Type Value
UUID 2b610655-44f5-41a1-872f-7d42b4a055f6
Fingerprint 7b3ff8ea032438e9
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 8, 2024, midnight
Added to db Oct. 8, 2024, 10:33 a.m.
Last updated Dec. 17, 2024, 8:41 a.m.
Headline SectopRAT Malware IOCs - II
Title SectopRAT Malware IOCs - II - SEC-1275-1
Detected Hints/Tags/Attributes 9/1/20
Source URLs
Redirection Url
Details Source https://1275.ru/ioc/4076/sectoprat-malware-iocs-ii/?mtm_campaign=rss
URL Provider
Details Provider Source level domain
Details 1275.ru 1275.ru
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 8 Архивы IOC - SEC-1275-1 https://1275.ru/ioc/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3 
notlon.be
Details Domain 1 
launchapps.site
Details Domain 3 
affecthorsedpo.shop
Details Domain 3 
answerrsdo.shop
Details Domain 1 
assumedtribsosp.shop
Details Domain 3 
bannngwko.shop
Details File 25 
4.exe
Details File 4 
decrypted.exe
Details md5 1 
2573317128ca9e79c3d23b0d374dc384
Details md5 1 
50ab29f322265d07930cc23bcdd71e05
Details md5 1 
6d0757889c248708b8d1d1a5b0ca6e6c
Details md5 1 
85c348c939aee9926327ea756bb8aaf2
Details md5 1 
8f1372af1268aec232a9bdd96fff3824
Details IPv4 1 
45.141.87.50
Details Url 3 
https://notlon.be/notion
Details Url 1 
http://45.141.87.50:9000/wbinjget
Details Url 1 
https://affecthorsedpo.shop/api
Details Url 1 
https://answerrsdo.shop/api
Details Url 1 
https://assumedtribsosp.shop/api
Details Url 1 
https://bannngwko.shop/api