General
Target: 4e3056448e294407b47e08e4dd3364b14acc1fe05d602cbe3347e10800f925ae
Size: 4.6MB
Sample: 220510-2lmtashfh3
MD5: f0fd5d38ffa54d8dfd6456c0b7a8664b
SHA1: 36387a6cd5c900fb78e6fc67a88e84a472d05b61
SHA256: 4e3056448e294407b47e08e4dd3364b14acc1fe05d602cbe3347e10800f925ae
SHA512: 80b57e0e8feb4241631adfd73678ea8c4094397c4053855bfd3cce2d4762be8c67da46fe3e41b73766596723d370692cb31a75ba2bf475b40f2c4f2c1a9eb7db
Static task: static1
Malware Config
Extracted
bitrat
1.38
https.myvnc.com:9111
communication_password: c4ca4238a0b923820dcc509a6f75849b
tor_process: tor
Targets
Target: 4e3056448e294407b47e08e4dd3364b14acc1fe05d602cbe3347e10800f925ae
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext