General
-
Target
a7408b998eae536b93af0d084d1d255670c91fcdd568e9f42b15e301108b8868
-
Size
2.7MB
-
Sample
220630-vg1q2adael
-
MD5
720e206fa0d50d62798c7e05e65c9333
-
SHA1
74f37097a796b81bc052a3f91cb4b7d7d9a06cbe
-
SHA256
a7408b998eae536b93af0d084d1d255670c91fcdd568e9f42b15e301108b8868
-
SHA512
94fa380fbee91313d314a4342482ea5f916fa05de340653924ba09d0e858109880106ce62f95d6f832ba4a29920c97c5705d7981fcb0720f19a586281c2d70db
Malware Config
Extracted
bitrat
1.33
23.105.131.186:8787
-
communication_password
c4ca4238a0b923820dcc509a6f75849b
-
tor_process
tor
Targets
-
-
Target
a7408b998eae536b93af0d084d1d255670c91fcdd568e9f42b15e301108b8868
-
Size
2.7MB
-
MD5
720e206fa0d50d62798c7e05e65c9333
-
SHA1
74f37097a796b81bc052a3f91cb4b7d7d9a06cbe
-
SHA256
a7408b998eae536b93af0d084d1d255670c91fcdd568e9f42b15e301108b8868
-
SHA512
94fa380fbee91313d314a4342482ea5f916fa05de340653924ba09d0e858109880106ce62f95d6f832ba4a29920c97c5705d7981fcb0720f19a586281c2d70db
Score10/10-
BitRAT
BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-