BitRAT

BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)

suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)

Executes dropped EXE

UPX packed file

Detects executables packed with UPX/modified UPX open source packer.