Overview

overview

7

Static

static

7

BitRAT/BitRAT.exe

windows10-2004-x64

7

BitRAT/BitRAT.exe.xml

windows10-2004-x64

1

BitRAT/Manual.pdf

windows10-2004-x64

1

BitRAT/dat...xe.png

windows10-2004-x64

3

BitRAT/dat...nc.exe

windows10-2004-x64

7

BitRAT/dat..._1.dll

windows10-2004-x64

3

BitRAT/dat...-6.dll

windows10-2004-x64

1

BitRAT/dat...-6.dll

windows10-2004-x64

1

BitRAT/dat...-6.dll

windows10-2004-x64

3

BitRAT/dat...-1.dll

windows10-2004-x64

3

BitRAT/dat..._1.dll

windows10-2004-x64

1

BitRAT/dat...-0.dll

windows10-2004-x64

3

BitRAT/dat...-1.dll

windows10-2004-x64

1

BitRAT/dat...or.exe

windows10-2004-x64

3

BitRAT/dat...b1.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/03/2023, 21:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BitRAT/data/modules/hvnc.exe

  • Size

    47KB

  • MD5

    d8aa0784ac3b8d7860b732a3e9f330b0

  • SHA1

    391c08797fb35ab12326cd2c49a62ec27243f6f8

  • SHA256

    ef34feff91c19c5fbca02fffb46420b912a9e4c8c043d41f044fd9a232335c8c

  • SHA512

    1156bbf279f141a3259f1e03a44c2d8fb73b782d6c4f5cd773e0c44589033d72f2053ca462dbf575298ef4e69cbb5ef0547d54fe282236fe4f04a7ae1c7d7a30

  • SSDEEP

    768:qAAx+jcvNh5l4Q+Rhn0VUWjkCeTjSkcrMVSvOv/BtUgPjQumGr7wHT/nU:qAAWeT6QK4tkckSu/BOgbxVErU

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\BitRAT\data\modules\hvnc.exe
    "C:\Users\Admin\AppData\Local\Temp\BitRAT\data\modules\hvnc.exe"
    1⤵
      PID:2984

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2984-133-0x0000000000C60000-0x0000000000C85000-memory.dmp

      Filesize

      148KB

      Download

    • memory/2984-134-0x0000000000C60000-0x0000000000C85000-memory.dmp

      Filesize

      148KB

      Download