bitrat | 317b32811ef46a4dec52e650315c82b5a5f867f49e5844bb11ed4e1f5281e6d9 | Triage

Submit
Reports

Overview

overview

Static

static

Purchase O...1 .exe

windows7_x64

Purchase O...1 .exe

windows10_x64

Sharing

General

Target

Purchase Order NO32874287782377732 July 2021 .exe
Size

2.5MB
Sample

210726-ckpz2cggwn
MD5

37b87bb801399002ce5109fa582512de
SHA1

d634ba38c689efef5c72f976b88b61e5bb78989a
SHA256

317b32811ef46a4dec52e650315c82b5a5f867f49e5844bb11ed4e1f5281e6d9
SHA512

fd066e3d8dd991dd78b0efeb09ce0bd4393dc234b82038ee3a22e6b64defa75fec6d54736fb9375a7e26773eb767f90c99b70e4f9a63c379d666a72f129823fd

Score

10^/10

bitrat suricata trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Order NO32874287782377732 July 2021 .exe

Resource

win7v20210410

bitrat suricata trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Purchase Order NO32874287782377732 July 2021 .exe

Resource

win10v20210410

bitrat suricata trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Purchase Order NO32874287782377732 July 2021 .exe
- Size
  
  2.5MB
- MD5
  
  37b87bb801399002ce5109fa582512de
- SHA1
  
  d634ba38c689efef5c72f976b88b61e5bb78989a
- SHA256
  
  317b32811ef46a4dec52e650315c82b5a5f867f49e5844bb11ed4e1f5281e6d9
- SHA512
  
  fd066e3d8dd991dd78b0efeb09ce0bd4393dc234b82038ee3a22e6b64defa75fec6d54736fb9375a7e26773eb767f90c99b70e4f9a63c379d666a72f129823fd
Score

10^/10

bitrat suricata trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- BitRAT Payload
- suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
  suricata
- CustAttr .NET packer
  Detects CustAttr .NET packer in memory.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bitratsuricatatrojanupx

behavioral2

bitratsuricatatrojanupx

© 2018-2024

Terms | Privacy