General
-
Target
1192-70-0x0000000000400000-0x00000000007E4000-memory.dmp
-
Size
3.9MB
-
MD5
5b3a97cb04417938f7e694c3e27d59a3
-
SHA1
3f044a3153afb6a1338490c95e5282ba464d238c
-
SHA256
6c558f9f315c297e897276e2acdd844abafd938afe65d0f1120948e17b627bd2
-
SHA512
2fd03412e8a77f08b7c153c8d0b3ad2f4ea8ecbf913b0d14e4ae699c7eaf3140d713e8b98e8b2e4923c5ad0ab81f7c018f90341f509f0afbcd31d9915d29d5a6
-
SSDEEP
98304:l77Pmq33rE/JDLPWZADUGer7B6iY74M/gmlwXVZ:x+R/eZADUXR
Score
10/10
Malware Config
Extracted
Family
bitrat
Version
1.38
C2
bitone9090.duckdns.org:9090
Attributes
-
communication_password
e10adc3949ba59abbe56e057f20f883e
-
tor_process
tor
Signatures
-
Bitrat family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
1192-70-0x0000000000400000-0x00000000007E4000-memory.dmp
Headers
Sections