General
Target: 6cd1ceb6a9ceb4218c023fbb6be825fec81d9341849bf25fc659c4974864da0e
Size: 3.3MB
Sample: 220513-n92qgafca5
MD5: af3d87b1bbf5db0a0fd3517915ac6efc
SHA1: a3c0ac37e224e9d0d96d255c3deca5515d12a307
SHA256: 6cd1ceb6a9ceb4218c023fbb6be825fec81d9341849bf25fc659c4974864da0e
SHA512: 329e86269bc756cfb926e120234be1e3ca694485e0a6af989d62f3b8358bac4ac90713c89fd0b9e8e785b2dd724087f14f878bff8af8862f428c0c70af8a408b
Static task
static1
Behavioral task
behavioral1
Sample
6cd1ceb6a9ceb4218c023fbb6be825fec81d9341849bf25fc659c4974864da0e.exe
Resource
win7-20220414-en
Malware Config
Extracted
bitrat
1.38
https.myvnc.com:9111
communication_password: c4ca4238a0b923820dcc509a6f75849b
tor_process: tor
Targets
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext