General
-
Target
4072-138-0x0000000010410000-0x00000000107F4000-memory.dmp
-
Size
3.9MB
-
MD5
1b502e65de1e05ef7b5d9b0420b65fef
-
SHA1
033a68c2075a580ae79d0265b576a5e667c4d27f
-
SHA256
403d8af03d6303ce8b5dd5e971596097a3c1d87a4855ee353b09125332b86a08
-
SHA512
160bf91666fdd31f13ce6a46ce3fa330a932c58fadd7f3354975e1ac3cbaef5182fb8b8b5e6f2d3c7a95e79839cfaea0eafbde915be9ff22a23630f40f7099c3
-
SSDEEP
98304:67RKCUqvxgjL4GhDZb62wGfnf6BoMvMU3H:Ep2MGJl62wCyV
Score
10/10
Malware Config
Extracted
Family
bitrat
Version
1.38
C2
winery.nsupdate.info:5877
Attributes
-
communication_password
e5ff7c52fb3501484ea7ca8641803415
-
tor_process
tor
Signatures
-
Bitrat family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
4072-138-0x0000000010410000-0x00000000107F4000-memory.dmp
Headers
Sections