Overview

overview

10

Static

static

10

4992-316-0...ry.exe

windows7-x64

10

4992-316-0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4992-316-0x0000000000400000-0x00000000007E4095-memory.dmp

  • Size

    3.9MB

  • Sample

    220921-e4cpqaafcl

  • MD5

    4673d79b35e7136f6ab7aff590d4ad16

  • SHA1

    94ee039a2f91bc9ae9fca75ea4571c2ed5063ff3

  • SHA256

    72bc77940b26a430a514276624872968123a80474ce8a6eb5c5993bbd36aa1ed

  • SHA512

    982cf559fbfe6e4dc290dbcca2da4ec448568f6cf3b2cdb787e9a2559aa99f2ecd3ef191fc43951f0a2324e9478f880d1f98e2e61f65babe271fbf3a10f13497

  • SSDEEP

    98304:M77Pmq33rE/JDLPWZADUGer7B6iY74M/KmlwXVZL:a+R/eZADUXRT

Score
10/10
bitrattrojanupx

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

febbit2.ddns.net:6655

Attributes
  • communication_password

    81dc9bdb52d04dc20036dbd8313ed055

  • tor_process

    tor

Targets

    • Target

      4992-316-0x0000000000400000-0x00000000007E4095-memory.dmp

    • Size

      3.9MB

    • MD5

      4673d79b35e7136f6ab7aff590d4ad16

    • SHA1

      94ee039a2f91bc9ae9fca75ea4571c2ed5063ff3

    • SHA256

      72bc77940b26a430a514276624872968123a80474ce8a6eb5c5993bbd36aa1ed

    • SHA512

      982cf559fbfe6e4dc290dbcca2da4ec448568f6cf3b2cdb787e9a2559aa99f2ecd3ef191fc43951f0a2324e9478f880d1f98e2e61f65babe271fbf3a10f13497

    • SSDEEP

      98304:M77Pmq33rE/JDLPWZADUGer7B6iY74M/KmlwXVZL:a+R/eZADUXRT

    Score
    10/10
    bitrattrojanupx

    • BitRAT

      BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

      trojanbitrat

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks