bitrat | 614d76652c2200e394b860c180e9b44f3bccf99f172bea1469db0b9379c99dc2 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

614d76652c2200e394b860c180e9b44f3bccf99f172bea1469db0b9379c99dc2
Size

1.4MB
Sample

220726-ssfh5aahfr
MD5

c0aec085c4a40d42297566227d175847
SHA1

109514c9f0e1738b359db8623e3208c40f9dfd95
SHA256

614d76652c2200e394b860c180e9b44f3bccf99f172bea1469db0b9379c99dc2
SHA512

b9a11d46e2c40a2e7fcb782f321446f39f4f210e4f15e9433661ed8d9ce61d5f996bbde0dd3739a0046bbd7f43d47e7170b83d4a6b115a0cb03c132b19ecc57e

Score

10^/10

bitrat trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

614d76652c2200e394b860c180e9b44f3bccf99f172bea1469db0b9379c99dc2.exe

Resource

win10v2004-20220721-en

bitrat trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

bitm064.duckdns.org:7904

Attributes

communication_password
81dc9bdb52d04dc20036dbd8313ed055
tor_process
tor

Targets

- Target
  
  614d76652c2200e394b860c180e9b44f3bccf99f172bea1469db0b9379c99dc2
- Size
  
  1.4MB
- MD5
  
  c0aec085c4a40d42297566227d175847
- SHA1
  
  109514c9f0e1738b359db8623e3208c40f9dfd95
- SHA256
  
  614d76652c2200e394b860c180e9b44f3bccf99f172bea1469db0b9379c99dc2
- SHA512
  
  b9a11d46e2c40a2e7fcb782f321446f39f4f210e4f15e9433661ed8d9ce61d5f996bbde0dd3739a0046bbd7f43d47e7170b83d4a6b115a0cb03c132b19ecc57e
Score

10^/10

bitrat trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bitrattrojanupx

© 2018-2024

Terms | Privacy