bitrat | 68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667 | Triage

Submit
Reports

Overview

overview

Static

static

68efb40ce0...67.zip

windows7_x64

1

68efb40ce0...67.zip

windows10-2004_x64

1

n3m18xb4m_Receipt.exe

windows7_x64

n3m18xb4m_Receipt.exe

windows10-2004_x64

8

Sharing

General

Target

68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667
Size

1.8MB
Sample

220622-k56xvaceen
MD5

4fd8e06c65e9379d73e89e97df07786e
SHA1

f37ed28197e302b40fce17f84348885b7334a5f2
SHA256

68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667
SHA512

ecd45f06cee32e8298f0cd929667b1ce2fc141b1744deaf09f2963027ab7f2990b8b287f49a527f96b1d9edf6e99d32067beb05dd75aafeddda310affcda50d9

Score

10^/10

bitrat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667.zip

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667.zip

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

n3m18xb4m_Receipt.exe

Resource

win7-20220414-en

bitrat trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

n3m18xb4m_Receipt.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

bitranew3500.duckdns.org:3500

Attributes

communication_password
e10adc3949ba59abbe56e057f20f883e
tor_process
tor

Targets

- Target
  
  68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667
- Size
  
  1.8MB
- MD5
  
  4fd8e06c65e9379d73e89e97df07786e
- SHA1
  
  f37ed28197e302b40fce17f84348885b7334a5f2
- SHA256
  
  68efb40ce0cf7c5d05737929727cd1e08f4ccbace0b14e9102d332c4c4b40667
- SHA512
  
  ecd45f06cee32e8298f0cd929667b1ce2fc141b1744deaf09f2963027ab7f2990b8b287f49a527f96b1d9edf6e99d32067beb05dd75aafeddda310affcda50d9
Score

1^/10
behavioral1 behavioral2
- Target
  
  n3m18xb4m_Receipt.exe
- Size
  
  300.0MB
- MD5
  
  600264e6c435659230d5e8fa5c461f8e
- SHA1
  
  d73cccf02e3f6fe73c95b0760579091455036b4b
- SHA256
  
  e03cb09284d307ffc4121661c8d6fc9c4451127cbd2616adcc638ff19de44831
- SHA512
  
  26ad49be4f9e1f7c928af4be1c5b84a149e410a20cc12257225cb89753b98b6b38d669bb23527a3325d6783070359b12201c89498f5c169f36d7ef3e30f38dee
Score

10^/10

bitrat trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

bitrattrojanupx

behavioral4

© 2018-2024

Terms | Privacy