General
Target: F6SNA4S9KD7_ETRANSFER_RECEIPT.exe
Size: 1.4MB
Sample: 220607-tb73gsbac8
MD5: cc065fdab084a5641fb063425a9b3a29
SHA1: 24957d8aedb7b77d89a8b43c1223f5b2c58e5592
SHA256: ecd4c729aa757a8833d0fca4a19208fe2c53c006613b4b81e79cba82d960f48b
SHA512: 6742edc01b8757618f621a1666afdf2faa49dd69c78f4ecd12067af982d2783a880be6c6a943e18f993056cb3f10524024eb0b11724bdacc45c3ce9b949182e4
Static task: static1
Behavioral task: behavioral1
Sample: F6SNA4S9KD7_ETRANSFER_RECEIPT.exe
Resource: win7-20220414-en
Malware Config
Extracted
bitrat
1.38
bitrat9300.duckdns.org:9300
communication_password: e10adc3949ba59abbe56e057f20f883e
tor_process: tor
Targets
Target: F6SNA4S9KD7_ETRANSFER_RECEIPT.exe
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
Suspicious use of NtSetInformationThreadHideFromDebugger