Description
BitRAT is a remote access tool written in C++ that uses leaked source code from other families.
e-transfer.img
300MB
220119-y83aqachhm
de3a4c3319fffd14a016b32e59ded549
03fdb123f412cad89a9dcf33f54a85b31de7221c
35da1611e4771602b021b682b95550c90fe8c31ea1367a74d329a6f9e8768021
73bac9d70a218253c1e3cba2c0a5499e033c6998775fb84125400d5df5f6bc665da304a484a9191526dafba590012afda353b555d654a788f9555f2848c4d15f
Family | bitrat |
Version | 1.38 |
C2 | yakbitpeople.duckdns.org:9175 |
Attributes | communication_password 827ccb0eea8a706c4c34a16891f84e7b; tor_process tor |
E_TRANSF.EXE
affebb601f181b9c290753caae06050a
300MB
64942ee5d84b1a2262d02a1dd0ae1aa6e8b66486
e2ce88575e964545d834e0bae841ec554b02fa4a290e645e19cb7556123bb49e
3870beafddb9972863a2b0d74eeded9bd21eb3b8c13563808754927ce3a29579adad56e7eb3bc37b4777cb16caea0d9d5d233b01432aa42fe0c5ecafc3c025b2
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
Detects executables packed with UPX/modified UPX open source packer.