bitrat | 4691e86098f4a2fe6ed76c46dc7584ae25d9396b06427a47a00ce1156d38f12b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

4691e86098f4a2fe6ed76c46dc7584ae25d9396b06427a47a00ce1156d38f12b
Size

4.5MB
Sample

220928-xxtnrsghc2
MD5

8a325dde02cad3ca42c87d9165479fc4
SHA1

168ade6695c2ab546d750cb9a7a8026f239b016d
SHA256

4691e86098f4a2fe6ed76c46dc7584ae25d9396b06427a47a00ce1156d38f12b
SHA512

cef03ddb55d77676ffb17a4e6b2650e2be5cd1fd152f0f6baa7c83d97da95a1222c0677d13720659ab4df045ff0098bdca7cb1dd3300ee76f26df641d960da8f
SSDEEP

98304:IW7B8cRkSx2gl6VU0dTlxmgURaFhjEKI0UnUB7bN2:IM8O2X9dJ4gUQXnIdyb

Score

10^/10

bitrat trojan

Static task

static1

Behavioral task

behavioral1

Sample

4691e86098f4a2fe6ed76c46dc7584ae25d9396b06427a47a00ce1156d38f12b.exe

Resource

win10-20220812-en

windows10-1703-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

103.125.190.185:1234

Attributes

communication_password
827ccb0eea8a706c4c34a16891f84e7b
tor_process
tor

Targets

- Target
  
  4691e86098f4a2fe6ed76c46dc7584ae25d9396b06427a47a00ce1156d38f12b
- Size
  
  4.5MB
- MD5
  
  8a325dde02cad3ca42c87d9165479fc4
- SHA1
  
  168ade6695c2ab546d750cb9a7a8026f239b016d
- SHA256
  
  4691e86098f4a2fe6ed76c46dc7584ae25d9396b06427a47a00ce1156d38f12b
- SHA512
  
  cef03ddb55d77676ffb17a4e6b2650e2be5cd1fd152f0f6baa7c83d97da95a1222c0677d13720659ab4df045ff0098bdca7cb1dd3300ee76f26df641d960da8f
- SSDEEP
  
  98304:IW7B8cRkSx2gl6VU0dTlxmgURaFhjEKI0UnUB7bN2:IM8O2X9dJ4gUQXnIdyb
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy