Extracted

• • Target

    fxdgf.exe

  • Size

    1.7MB

  • MD5

    6505bd7c5e3775f45522cead41f38882

  • SHA1

    c13140dc82455007a70c7747b4f6aaee5e549315

  • SHA256

    c8e1ce5d1216e1e068af5fc38b107b78f32372f69d59b4f1e6a456770ded8744

  • SHA512

    96998ce4683585d2913d3526bbdc48180fc373feb6e02320fff948284a4aeea9136886a2a8ffc5574c9b0651f8ce239ec81be717a9ed163f9e2442b70587ec5e

  Score

  10^/10

  bitratsuricatatrojanupx

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat

  • suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)

    suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)

    suricata

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  • Suspicious use of SetThreadContext

  behavioral1behavioral2