bitrat | 4748b94802d984b33b2fb85bf3b270825eb3eb021f7132d8ccdeca86863e95cd | Triage

Submit
Reports

Overview

overview

Static

static

In012657AK.exe

windows7-x64

In012657AK.exe

windows10-2004-x64

8

Sharing

General

Target

In012657AK.exe
Size

300.0MB
Sample

221027-vm58psdaar
MD5

29845e4bb10cc5b292296e9ad7fb2796
SHA1

4ca80f348bf73f40da9d99861b9aeb721e4cffbd
SHA256

4748b94802d984b33b2fb85bf3b270825eb3eb021f7132d8ccdeca86863e95cd
SHA512

20d03122283459182ac5b74aa36b9cbd7af3a95d9e1695fd60ac8863f9ce2cbac3c1c09224711ed00370febd05d678acb7ad5907b71c56835cbc7fb95f803fb1
SSDEEP

24576:d5rVm/hz8mGTYKHvQoy17AmBr3xQctbOy8wqhzUujv+pPgJ6aIlGb4+Thid0YFB5:d52J6HYoyFA0rhQdm6+Hl7qk0Yl4mgS

Score

10^/10

bitrat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

In012657AK.exe

Resource

win7-20220812-en

bitrat trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

In012657AK.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

akatabit1915.duckdns.org:1915

Attributes

communication_password
e10adc3949ba59abbe56e057f20f883e
tor_process
tor

Targets

- Target
  
  In012657AK.exe
- Size
  
  300.0MB
- MD5
  
  29845e4bb10cc5b292296e9ad7fb2796
- SHA1
  
  4ca80f348bf73f40da9d99861b9aeb721e4cffbd
- SHA256
  
  4748b94802d984b33b2fb85bf3b270825eb3eb021f7132d8ccdeca86863e95cd
- SHA512
  
  20d03122283459182ac5b74aa36b9cbd7af3a95d9e1695fd60ac8863f9ce2cbac3c1c09224711ed00370febd05d678acb7ad5907b71c56835cbc7fb95f803fb1
- SSDEEP
  
  24576:d5rVm/hz8mGTYKHvQoy17AmBr3xQctbOy8wqhzUujv+pPgJ6aIlGb4+Thid0YFB5:d52J6HYoyFA0rhQdm6+Hl7qk0Yl4mgS
Score

10^/10

bitrat trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bitrattrojanupx

behavioral2

© 2018-2024

Terms | Privacy