General
-
Target
4992-316-0x0000000000400000-0x00000000007E4095-memory.dmp
-
Size
3.9MB
-
MD5
4673d79b35e7136f6ab7aff590d4ad16
-
SHA1
94ee039a2f91bc9ae9fca75ea4571c2ed5063ff3
-
SHA256
72bc77940b26a430a514276624872968123a80474ce8a6eb5c5993bbd36aa1ed
-
SHA512
982cf559fbfe6e4dc290dbcca2da4ec448568f6cf3b2cdb787e9a2559aa99f2ecd3ef191fc43951f0a2324e9478f880d1f98e2e61f65babe271fbf3a10f13497
-
SSDEEP
98304:M77Pmq33rE/JDLPWZADUGer7B6iY74M/KmlwXVZL:a+R/eZADUXRT
Score
10/10
Malware Config
Extracted
Family
bitrat
Version
1.38
C2
febbit2.ddns.net:6655
Attributes
-
communication_password
81dc9bdb52d04dc20036dbd8313ed055
-
tor_process
tor
Signatures
-
Bitrat family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
4992-316-0x0000000000400000-0x00000000007E4095-memory.dmp
Headers
Sections