General

  • Target

    1328-68-0x0000000000400000-0x00000000007E4000-memory.dmp

  • Size

    3.9MB

  • MD5

    b93e47e03b012879c071c65be158092b

  • SHA1

    47214c70ba05006d8e20dd5f5521abb5469282af

  • SHA256

    3128b64ff39ebe5790f650023b51fad123ce7d0f2063cda7da0d861fb2834149

  • SHA512

    2705f67d333df2c7e8ae7ecff61e186f897c780476d74ce8841427aa55e85574e132fb83a21449ccc94c143c7f95a9e8c7d69de8ccc5a818452a75771170a5c6

  • SSDEEP

    98304:K77Pmq33rE/JDLPWZADUGer7B6iY74M/YmlwXVZ:8+R/eZADUXR

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

godfavor.duckdns.org:2349

Attributes
  • communication_password

    81dc9bdb52d04dc20036dbd8313ed055

  • tor_process

    tor

Signatures

  • Bitrat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 1328-68-0x0000000000400000-0x00000000007E4000-memory.dmp
    .exe windows x86

