Extracted

• • Target

    BUD6HCGS_ETRANSFER_RECEIPT.exe

  • Size

    200.0MB

  • MD5

    4adbac216516812a5aaef7114bfb7113

  • SHA1

    68e86d9070f63bb4860ba87cc6414b2dfcf47da8

  • SHA256

    839907fe5e1d61d13e9e4242f6bb3d983b14f972f32b8cfa7f04ccb7c0e3e735

  • SHA512

    f196da861aa55c1683e7bfb02c386eb5bcbbd27deffd46fda045d05d84109cfcd61b58d79bd6667588a1359e9b979be4c9b8b022453d71409b64c8fe5160dbd1

  Score

  10^/10

  bitrattrojanupx

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  • Suspicious use of SetThreadContext

  behavioral1behavioral2