General
-
Target
DHL_51015370367858.cmd
-
Size
1.9MB
-
Sample
220705-pnbgtshbcq
-
MD5
97fb1f63882abcbf894a43a528e4cb7a
-
SHA1
753c06c8b807a4e1f6b518cc0bc1350a09d8a922
-
SHA256
f038d9065406391e3c711ceb73d5e30f1021f75a086d275750488fbde9cf2d72
-
SHA512
aefd423c08320ae04fdb0072b04e70e27c8ca2cba9046f677a43783f8b64613b193bbb6a39daffd5db6a1c27478394c8c0c47c0a82d461b508c20bd466260e43
Static task
static1
Behavioral task
behavioral1
Sample
DHL_51015370367858.exe
Resource
win7-20220414-en
Malware Config
Extracted
bitrat
1.38
godfavor.duckdns.org:2349
-
communication_password
81dc9bdb52d04dc20036dbd8313ed055
-
tor_process
tor
Targets
-
-
Target
DHL_51015370367858.cmd
-
Size
1.9MB
-
MD5
97fb1f63882abcbf894a43a528e4cb7a
-
SHA1
753c06c8b807a4e1f6b518cc0bc1350a09d8a922
-
SHA256
f038d9065406391e3c711ceb73d5e30f1021f75a086d275750488fbde9cf2d72
-
SHA512
aefd423c08320ae04fdb0072b04e70e27c8ca2cba9046f677a43783f8b64613b193bbb6a39daffd5db6a1c27478394c8c0c47c0a82d461b508c20bd466260e43
-
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-