bitrat | 2247b9fb60f776ce6f6a60f9c6b4b5ab883cf9e1192fdf0db5ff844040a6a9c2 | Triage

Sharing

General

Target

1504-61-0x0000000000400000-0x00000000007D3000-memory.dmp
Size

3.8MB
Sample

220910-byy4zsdbcn
MD5

96a2868503a015a3786ec69330bae875
SHA1

b7ac0c90d8300add1bc4257816f4beb279c85ec8
SHA256

2247b9fb60f776ce6f6a60f9c6b4b5ab883cf9e1192fdf0db5ff844040a6a9c2
SHA512

38f2f95a40261d04e0afb9b4ac47a47a28777cef7ea2ec92a482a28331b56bd6cacd015961a1be33b5fb6cce5502e7f4b853aca7bbfdd6a7bdf5e3c4249633e5
SSDEEP

98304:t77Pmq33rE/JDLPWZADUGer7B6iY74M/GmlwXVZhFB:J+R/eZADUXR

Score

10^/10

bitrat trojan

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

anubisgod.duckdns.org:1440

Attributes

communication_password
81dc9bdb52d04dc20036dbd8313ed055
install_dir
spottifyy
install_file
spottifyy.exe
tor_process
tor

Targets

- Target
  
  1504-61-0x0000000000400000-0x00000000007D3000-memory.dmp
- Size
  
  3.8MB
- MD5
  
  96a2868503a015a3786ec69330bae875
- SHA1
  
  b7ac0c90d8300add1bc4257816f4beb279c85ec8
- SHA256
  
  2247b9fb60f776ce6f6a60f9c6b4b5ab883cf9e1192fdf0db5ff844040a6a9c2
- SHA512
  
  38f2f95a40261d04e0afb9b4ac47a47a28777cef7ea2ec92a482a28331b56bd6cacd015961a1be33b5fb6cce5502e7f4b853aca7bbfdd6a7bdf5e3c4249633e5
- SSDEEP
  
  98304:t77Pmq33rE/JDLPWZADUGer7B6iY74M/GmlwXVZhFB:J+R/eZADUXR
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2