General
Target
http://178.249.213.106/BRT.exe
Sample
230904-c8r9vsdd81
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://178.249.213.106/BRT.exe
Resource
win10v2004-20230831-en
windows10-2004-x64
16 signatures
150 seconds
Malware Config
Extracted
Family
bitrat
Version
1.38
C2
smgqnt3eixxksasu.xyz:1234
Attributes
communication_password
30afda4853ef5b1bc36463ba95d84247
tor_process
tor
Targets
Target
http://178.249.213.106/BRT.exe
Score
10/10
Downloads MZ/PE file
Executes dropped EXE
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext