bitrat | 5548b857ac6b402388302ea82b0fda3ad06783a217b91e731559736bd5734685 | Triage

Submit
Reports

Overview

overview

Static

static

1c2697eec9...1e.exe

windows7_x64

9

1c2697eec9...1e.exe

windows10_x64

9

Sharing

General

Target

1c2697eec9a66c7da1bb6a0024a9431e.exe
Size

7.8MB
Sample

220131-h8dz5agfdn
MD5

1c2697eec9a66c7da1bb6a0024a9431e
SHA1

4bfd5fdab7fcdb5a6d91fe24d35870f60b12cf7f
SHA256

5548b857ac6b402388302ea82b0fda3ad06783a217b91e731559736bd5734685
SHA512

af753916f6af5cfbd2055146be7b48e6b30f1ca7b7a3753b500f5a7e732109e27e2739e930c2c733fbd31a11831ff2be1151929dadbb57ae35a88b0785bb9b46

Score

10^/10

bitrat upx

Static task

static1

Behavioral task

behavioral1

Sample

1c2697eec9a66c7da1bb6a0024a9431e.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1c2697eec9a66c7da1bb6a0024a9431e.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

kjhegxechiassewleatp3wbjyo7jqm2yhhofutzuvd2sem3pnd5hscad.onion:80

Attributes

communication_password
81dc9bdb52d04dc20036dbd8313ed055
tor_process
NEWTOR

Targets

- Target
  
  1c2697eec9a66c7da1bb6a0024a9431e.exe
- Size
  
  7.8MB
- MD5
  
  1c2697eec9a66c7da1bb6a0024a9431e
- SHA1
  
  4bfd5fdab7fcdb5a6d91fe24d35870f60b12cf7f
- SHA256
  
  5548b857ac6b402388302ea82b0fda3ad06783a217b91e731559736bd5734685
- SHA512
  
  af753916f6af5cfbd2055146be7b48e6b30f1ca7b7a3753b500f5a7e732109e27e2739e930c2c733fbd31a11831ff2be1151929dadbb57ae35a88b0785bb9b46
Score

9^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy