General
-
Target
jbit.exe
-
Size
81.1MB
-
Sample
230805-3tmc6sgf41
-
MD5
8eda3b52a16bb07d5a03441c10296502
-
SHA1
35ac1bafbedf456bf4cca1606673501a5200e623
-
SHA256
23abe80bf01902aca2c57c6494ef60780187a870d01d964790306a10b3fa23ad
-
SHA512
9f9e09c7b1645785d560f6cdd408714a544ef058197731626cf66d8708b43ef35b7116c7b5a15986fb7b11ff3513387db97e06dae42650ab0310ece0c943cac8
-
SSDEEP
1572864:bUSBvWtkRbCHf7RKxFOBS/DllaKg1h6xyPbm2oXMyOwGR2sedKdiizqZ4ujuw5b9:bRBvw4wDqFWS/DDumMP63XVXY2sedKdM
Static task
static1
Behavioral task
behavioral1
Sample
jbit.exe
Resource
win7-20230712-en
Malware Config
Extracted
bitrat
1.38
backu4734.duckdns.org:7904
-
communication_password
202cb962ac59075b964b07152d234b70
-
tor_process
tor
Targets
-
Target
jbit.exe
-
Drops startup file
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-