bitrat | c8e1ce5d1216e1e068af5fc38b107b78f32372f69d59b4f1e6a456770ded8744 | Triage

Submit
Reports

Overview

overview

Static

static

fxdgf.exe

windows7_x64

fxdgf.exe

windows10_x64

Sharing

General

Target

fxdgf.exe
Size

1.7MB
Sample

220622-s45x6ahehr
MD5

6505bd7c5e3775f45522cead41f38882
SHA1

c13140dc82455007a70c7747b4f6aaee5e549315
SHA256

c8e1ce5d1216e1e068af5fc38b107b78f32372f69d59b4f1e6a456770ded8744
SHA512

96998ce4683585d2913d3526bbdc48180fc373feb6e02320fff948284a4aeea9136886a2a8ffc5574c9b0651f8ce239ec81be717a9ed163f9e2442b70587ec5e

Score

10^/10

bitrat suricata trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

fxdgf.exe

Resource

win7-20220414-en

bitrat suricata trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fxdgf.exe

Resource

win10-20220414-en

bitrat suricata trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

bitrat9300.duckdns.org:9300

Attributes

communication_password
e10adc3949ba59abbe56e057f20f883e
tor_process
tor

Targets

- Target
  
  fxdgf.exe
- Size
  
  1.7MB
- MD5
  
  6505bd7c5e3775f45522cead41f38882
- SHA1
  
  c13140dc82455007a70c7747b4f6aaee5e549315
- SHA256
  
  c8e1ce5d1216e1e068af5fc38b107b78f32372f69d59b4f1e6a456770ded8744
- SHA512
  
  96998ce4683585d2913d3526bbdc48180fc373feb6e02320fff948284a4aeea9136886a2a8ffc5574c9b0651f8ce239ec81be717a9ed163f9e2442b70587ec5e
Score

10^/10

bitrat suricata trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
  suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
  suricata
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bitratsuricatatrojanupx

behavioral2

bitratsuricatatrojanupx

© 2018-2024

Terms | Privacy