General

  • Target: 4d71edf00f46afcb1cc2905ed2e73c9c.exe
  • Size: 3.8MB
  • Sample: 221003-2pyd7sagd3
  • MD5: 4d71edf00f46afcb1cc2905ed2e73c9c
  • SHA1: e212ba0421ee7aad27866e928f2083b218b7a4ed
  • SHA256: df594a9ae021e4d000115897adfdc46d58ce28c327eca0b974cd3e4f87776820
  • SHA512: f91286a44bb046c99d73a52b9858ac736b967c45932445a16271d730efaeba86bcc439e1a24891a84472ce31c816084da3f884b37bc40cd03a1bd1ec40e99c01
  • SSDEEP: 98304:X77Pmq33rE/JDLPWZADUGer7B6iY74M/jmlwXVZ:f+R/eZADUXR

Score
10/10

Malware Config

Extracted

Family: bitrat

Version: 1.38

C2: storage.nsupdate.info:8973

Attributes
  • communication_password: bf771c9d082071fe80b18bb678220682
  • tor_process: tor

Targets

    • Target: 4d71edf00f46afcb1cc2905ed2e73c9c.exe
    • Size: 3.8MB
    • MD5: 4d71edf00f46afcb1cc2905ed2e73c9c
    • SHA1: e212ba0421ee7aad27866e928f2083b218b7a4ed
    • SHA256: df594a9ae021e4d000115897adfdc46d58ce28c327eca0b974cd3e4f87776820
    • SHA512: f91286a44bb046c99d73a52b9858ac736b967c45932445a16271d730efaeba86bcc439e1a24891a84472ce31c816084da3f884b37bc40cd03a1bd1ec40e99c01
    • SSDEEP: 98304:X77Pmq33rE/JDLPWZADUGer7B6iY74M/jmlwXVZ:f+R/eZADUXR

    Score
    10/10

    Signatures
    • BitRAT
      BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
    • Suspicious use of NtSetInformationThreadHideFromDebugger
