General

  • Target

    1356-59-0x0000000000400000-0x00000000007CE000-memory.dmp

  • Size

    3.8MB

  • MD5

    1ccc9df680875933b2a56416bcdf6606

  • SHA1

    6111bb6ccef37f162d15ec43c2a05e5f7ad0343c

  • SHA256

    5f7f04bf41c7c3947fd9fb911483610e77ea276188319ee86e42b288712454c1

  • SHA512

    8b9aac0e49bdbc87ec5dc0c92fa1056dfe906b3df5e1601bc9765ca28213176c34ef163ecdb5eb75c0da841e9c8209e1988081b4d6e3060d58db36752fef655f

  • SSDEEP

    98304:877Pmq33rE/JDLPWZADUGer7B6iY74M/SmlwXVZ:K+R/eZADUXR

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

aaaxxx60.hopto.org:400

Attributes
  • communication_password

    827ccb0eea8a706c4c34a16891f84e7b

  • tor_process

    tor

Signatures

  • Bitrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1356-59-0x0000000000400000-0x00000000007CE000-memory.dmp
    .exe windows x86

