General
-
Target
7558646157.zip
-
Size
1.5MB
-
Sample
220614-t1cb4sffdl
-
MD5
705e7f2c343ae4f36cee0012ee1e7ee8
-
SHA1
5fe84e1c77617db44e785d81b67ddaf815de7944
-
SHA256
d45b7cb0d3670b2d8a0191ddb50c96346c69ce3635d7e187270652b1c6398547
-
SHA512
089badc32b8be8b3a400267f36081a6397614adbf6f5cbb04ab12a028678aeadf30a0df7400be5ceb4fa0773d28a522391dd0e7f17c9c4aa1657866145b73d4a
Static task
static1
Behavioral task
behavioral1
Sample
C8D6C4G3_ETRANSFER_RECEIPT.exe
Resource
win7-20220414-en
Malware Config
Extracted
bitrat
1.38
bitrat9300.duckdns.org:9300
-
communication_password
e10adc3949ba59abbe56e057f20f883e
-
tor_process
tor
Targets
-
-
Target
C8D6C4G3_ETRANSFER_RECEIPT.exe
-
Size
300.0MB
-
MD5
bfabfe78aa78696e50b54618f8b828e6
-
SHA1
10444cddc6fd263a1b4a3ee8fa477a3a1e673f81
-
SHA256
5d40878b671c96e0c31b04b38d416c808fe231b1eaade5b4e1bdf5345b371a2b
-
SHA512
75b739af5a7a84b740175bdb0d95a6c91ff38f6c52aacfaf82f61da2edb491bbf38494a21f09a83706509d7bdf1bcaaa14707bb61dcc1f32e7bc73fa8033a3b5
-
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
-
Executes dropped EXE
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-