General

  • Target

    SecuriteInfo.com.Other.Malware-gen.19697.1059.exe

  • Size

    3.8MB

  • Sample

    221004-3pegrsdbgr

  • MD5

    8609a72b7b7ba46f1fc639e609c0870b

  • SHA1

    2b2692d603ee2d00a4845a6de336875094b2b810

  • SHA256

    5fc5899a46fe351361fc6245bfec6143e1f0daa8c2abf6a247af39e5a3c53353

  • SHA512

    9941a96754aafc4ef4671f2f591f2e156de1b622494e0c7e5c469989214b4c98998e5b7e03b75e513ddcb078c5d464b2d884c4db392e3096bd8fb604cc725166

  • SSDEEP

    98304:P8iFdZx/7WCDQDoZRmP+2Kn3jyidc/qhDov:P8iFdfSzoUm2KnTa

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

185.174.40.147:5200

Attributes
  • communication_password

    e10adc3949ba59abbe56e057f20f883e (a 32-hex-character value: the MD5 digest of "123456")

  • tor_process

    tor
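
The extracted config above is only useful once it is turned into something that can be checked. The Python script below is an added example, not part of the sandbox report or of any BitRAT tooling: it validates the C2 host:port, tests the 32-hex-character communication_password as an MD5 digest against a small constructed candidate list, and emits a Suricata rule for outbound traffic to the C2. The candidate list, the rule wording and its sid are assumptions for illustration; the config values are the ones the report lists.

```python
"""Turn the extracted BitRAT config into checkable IOCs (added example)."""
import hashlib
import ipaddress
from dataclasses import dataclass
from typing import Dict, Iterable, Optional

# Values copied from the report's "Malware Config" section.
EXTRACTED_CONFIG = {
    "family": "bitrat",
    "version": "1.38",
    "c2": "185.174.40.147:5200",
    "communication_password": "e10adc3949ba59abbe56e057f20f883e",
    "tor_process": "tor",
}

# Constructed candidate list for illustration; a real check would use a wordlist.
CANDIDATE_PASSWORDS = ["password", "admin", "123456", "bitrat"]


@dataclass(frozen=True)
class C2Endpoint:
    host: str
    port: int


def parse_c2(value: str) -> C2Endpoint:
    """Split 'host:port', validating the IP literal and the port range.

    Raises ValueError for anything malformed so a bad extraction never
    silently becomes a rule that matches nothing.
    """
    host, sep, port_text = value.rpartition(":")
    if not sep or not host or not port_text.isdigit():
        raise ValueError(f"malformed C2 value: {value!r}")
    port = int(port_text)
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    host = host.strip("[]")  # tolerate bracketed IPv6 literals
    return C2Endpoint(host=str(ipaddress.ip_address(host)), port=port)


def is_valid_c2(value: str) -> bool:
    try:
        parse_c2(value)
        return True
    except ValueError:
        return False


def recover_password(md5_hex: str, candidates: Iterable[str]) -> Optional[str]:
    """Match a 32-hex-char MD5 digest against candidate plaintexts."""
    md5_hex = md5_hex.strip().lower()
    if len(md5_hex) != 32 or any(c not in "0123456789abcdef" for c in md5_hex):
        raise ValueError("communication_password is not an MD5 hex digest")
    for cand in candidates:
        if hashlib.md5(cand.encode("utf-8")).hexdigest() == md5_hex:
            return cand
    return None


def suricata_rule(c2: C2Endpoint, family: str, version: str, sid: int = 9000001) -> str:
    """Outbound-connection rule for the C2; the sid is a placeholder, not an assigned one."""
    return (
        f"alert tcp $HOME_NET any -> {c2.host} {c2.port} "
        f'(msg:"{family} {version} C2 connection"; flow:to_server; sid:{sid}; rev:1;)'
    )


def build_iocs(config: Dict[str, str]) -> Dict[str, object]:
    c2 = parse_c2(config["c2"])
    return {
        "c2_host": c2.host,
        "c2_port": c2.port,
        "password": recover_password(config["communication_password"], CANDIDATE_PASSWORDS),
        "rule": suricata_rule(c2, config["family"], config["version"]),
    }


if __name__ == "__main__":
    for key, value in build_iocs(EXTRACTED_CONFIG).items():
        print(f"{key}: {value}")
```

The password check is worth running on every extracted BitRAT config: a digest that falls to a handful of common defaults tells you the operator did not change the builder's password, which in turn tells you how much effort went into the campaign.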

Targets

    • BitRAT

      BitRAT is a remote access trojan written in C++ that reuses leaked source code from other malware families.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      The sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the calling thread from delivering debug events to an attached debugger; this is a common anti-debugging technique.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites another thread's register state, including the instruction pointer, and is typically used to redirect a suspended thread into injected code, as in process hollowing.
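
The two signatures above describe behaviours rather than static strings, so the check a practitioner wants is a detection over an API-call trace. The Python below is an added example, not the sandbox's own detection logic: it parses a constructed API-monitor-style trace (made up here, not output from this sample), flags NtSetInformationThread with the ThreadHideFromDebugger class (0x11), and rates SetThreadContext high only when the same process earlier created a suspended child and wrote into it (the hollowing sequence), low otherwise. The log line format and argument names are assumptions.

```python
"""Detect ThreadHideFromDebugger and hollowing-style SetThreadContext in an API trace (added example)."""
import re
from typing import Dict, List, Tuple

THREAD_HIDE_FROM_DEBUGGER = 0x11   # THREADINFOCLASS value for ThreadHideFromDebugger
CREATE_SUSPENDED = 0x00000004      # dwCreationFlags bit

# Assumed log shape: "<pid> <Api>(<k>=<v>, ...) = <ret>"
LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)\s*=\s*(?P<ret>\S+)$")

# Constructed trace lines for illustration; pid 1000 performs the sequence the
# report's signatures describe, pid 3000 touches a thread context without any
# preceding injection steps.
SAMPLE_TRACE = """\
1000 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=17, ThreadInformation=0x0, ThreadInformationLength=0) = 0x0
1000 CreateProcessW(lpApplicationName=C:\\Windows\\System32\\svchost.exe, dwCreationFlags=0x4) = 1
1000 NtUnmapViewOfSection(ProcessHandle=0x1a4, BaseAddress=0x400000) = 0x0
1000 WriteProcessMemory(hProcess=0x1a4, lpBaseAddress=0x400000, nSize=0x3c000) = 1
1000 SetThreadContext(hThread=0x1a8) = 1
1000 ResumeThread(hThread=0x1a8) = 0
3000 GetThreadContext(hThread=0x2c) = 1
3000 SetThreadContext(hThread=0x2c) = 1
"""

Finding = Tuple[int, str, str]  # (pid, severity, description)


def parse_trace(text: str) -> List[dict]:
    """Parse trace lines into events; lines that do not look like calls are skipped."""
    events = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        args: Dict[str, str] = {}
        for item in m["args"].split(", "):
            if "=" in item:
                key, value = item.split("=", 1)
                args[key] = value
        events.append({"pid": int(m["pid"]), "api": m["api"], "args": args, "ret": m["ret"]})
    return events


def _as_int(text, default: int = 0) -> int:
    """Accept decimal or 0x-prefixed values; missing or junk arguments become default."""
    try:
        return int(text, 0)
    except (TypeError, ValueError):
        return default


def detect(events: List[dict]) -> List[Finding]:
    findings: List[Finding] = []
    state: Dict[int, Dict[str, bool]] = {}  # per-pid progress through the hollowing sequence
    for ev in events:
        pid, api, args = ev["pid"], ev["api"], ev["args"]
        st = state.setdefault(pid, {"suspended_child": False, "wrote_remote": False})
        if (api == "NtSetInformationThread"
                and _as_int(args.get("ThreadInformationClass")) == THREAD_HIDE_FROM_DEBUGGER):
            findings.append((pid, "high", "anti-debug: NtSetInformationThread(ThreadHideFromDebugger)"))
        elif api.startswith("CreateProcess") and _as_int(args.get("dwCreationFlags")) & CREATE_SUSPENDED:
            st["suspended_child"] = True
        elif api in ("WriteProcessMemory", "NtWriteVirtualMemory") and st["suspended_child"]:
            st["wrote_remote"] = True
        elif api == "SetThreadContext":
            if st["suspended_child"] and st["wrote_remote"]:
                findings.append((pid, "high",
                                 "process hollowing pattern: CREATE_SUSPENDED + WriteProcessMemory + SetThreadContext"))
            else:
                findings.append((pid, "low", "SetThreadContext without a preceding injection sequence"))
    return findings


if __name__ == "__main__":
    for pid, severity, description in detect(parse_trace(SAMPLE_TRACE)):
        print(f"pid {pid} [{severity}] {description}")
```

The per-process state is what separates the two severities: a debugger or a crash handler legitimately calls SetThreadContext, but only an injector creates a suspended process, writes into it and then retargets its main thread.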
