bitrat | 9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
Size

555KB
Sample

211207-2wpewagdb7
MD5

8c010d565f0ae6ae084bdeb35fba7ff1
SHA1

95485abfab63edbd848f3f3ec2821f50aba0b74d
SHA256

9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
SHA512

73fa980b534c6ad3af0752b5eb775652d5cada3ed66fabdeceec74d6cfe9de01db9f7f7788612d77c9ad3270ed3c8b6c16131ccffe0207b8b7f8714d0f725215

Score

10^/10

bitrat persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d.exe

Resource

win10-en-20211104

bitrat persistence trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
- Size
  
  555KB
- MD5
  
  8c010d565f0ae6ae084bdeb35fba7ff1
- SHA1
  
  95485abfab63edbd848f3f3ec2821f50aba0b74d
- SHA256
  
  9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
- SHA512
  
  73fa980b534c6ad3af0752b5eb775652d5cada3ed66fabdeceec74d6cfe9de01db9f7f7788612d77c9ad3270ed3c8b6c16131ccffe0207b8b7f8714d0f725215
Score

10^/10

bitrat persistence trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- BitRAT Payload
- Downloads MZ/PE file
- Modifies Installed Components in the registry
  persistence
- Drops startup file
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bitratpersistencetrojan

© 2018-2024

Terms | Privacy