bitrat | 2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb | Triage

Submit
Reports

Overview

overview

Static

static

3

2d4c73a07b...db.exe

windows7-x64

2d4c73a07b...db.exe

windows10-2004-x64

Sharing

General

Target

2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb
Size

2.9MB
Sample

230827-mlqsmaah6v
MD5

5b374f9893598fb7323a6fcc8a773418
SHA1

6fc6e18654fe76c2f057905ead38eadee0510e14
SHA256

2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb
SHA512

565970252145bc7f7ce692a5df60f83671c2ee7579d4779f95f8b2abca7c5764f9734fd1a2a898204e6f1d77361554da78162567e47bfed81ec83877a92b4d6e
SSDEEP

49152:kypQPq91dnWo21VjJVnDZo23Y2cj2/A4BD9DpTGqEme2CdXPckRBSBjTF:kybnWo2LjPDZB3Ypj2/AsrhE728XKF

Score

10^/10

bitrat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb.exe

Resource

win7-20230712-en

bitrat trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb.exe

Resource

win10v2004-20230703-en

bitrat trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.34

C2

gordon6.hopto.org:1515

Attributes

communication_password
827ccb0eea8a706c4c34a16891f84e7b
tor_process
tor

Targets

- Target
  
  2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb
- Size
  
  2.9MB
- MD5
  
  5b374f9893598fb7323a6fcc8a773418
- SHA1
  
  6fc6e18654fe76c2f057905ead38eadee0510e14
- SHA256
  
  2d4c73a07bc7f749b009ca30d6527ad8c25b6a6c107df5aef95ec311b5016cdb
- SHA512
  
  565970252145bc7f7ce692a5df60f83671c2ee7579d4779f95f8b2abca7c5764f9734fd1a2a898204e6f1d77361554da78162567e47bfed81ec83877a92b4d6e
- SSDEEP
  
  49152:kypQPq91dnWo21VjJVnDZo23Y2cj2/A4BD9DpTGqEme2CdXPckRBSBjTF:kybnWo2LjPDZB3Ypj2/AsrhE728XKF
Score

10^/10

bitrat trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bitrattrojanupx

behavioral2

bitrattrojanupx

© 2018-2024

Terms | Privacy