bitrat | 494af7ea066d464e7dac94e305dbcf77322ae1931a05d4c7050711ad2a07fb0a | Triage

Submit
Reports

Overview

overview

Static

static

1.exe

windows7_x64

1.exe

windows10_x64

Sharing

General

Target

1.exe
Size

1.7MB
Sample

220408-w8826adbal
MD5

b0aa91523dd4dc0baaad660ecbefee3e
SHA1

c07e6d0ee5b48c353298f6eb9ead89abb90a4f07
SHA256

494af7ea066d464e7dac94e305dbcf77322ae1931a05d4c7050711ad2a07fb0a
SHA512

279688506744cfed3017c1edfdfbf31bdac73541d59d500d3ce5d2fb655f0e65b79c4ecd273296c564a48dd8a7f57e1d1478e441f4153009c2e4e4965f33fe2f

Score

10^/10

bitrat suricata trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

1.exe

Resource

win7-20220331-en

bitrat suricata trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1.exe

Resource

win10-20220331-en

bitrat suricata trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

doctorsbit.duckdns.org:4012

Attributes

communication_password
827ccb0eea8a706c4c34a16891f84e7b
tor_process
tor

Targets

- Target
  
  1.exe
- Size
  
  1.7MB
- MD5
  
  b0aa91523dd4dc0baaad660ecbefee3e
- SHA1
  
  c07e6d0ee5b48c353298f6eb9ead89abb90a4f07
- SHA256
  
  494af7ea066d464e7dac94e305dbcf77322ae1931a05d4c7050711ad2a07fb0a
- SHA512
  
  279688506744cfed3017c1edfdfbf31bdac73541d59d500d3ce5d2fb655f0e65b79c4ecd273296c564a48dd8a7f57e1d1478e441f4153009c2e4e4965f33fe2f
Score

10^/10

bitrat suricata trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
  suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
  suricata
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bitratsuricatatrojanupx

behavioral2

bitratsuricatatrojanupx

© 2018-2024

Terms | Privacy