General

  • Target

    2856-74-0x0000000000400000-0x00000000007E4000-memory.dmp

  • Size

    3.9MB

  • MD5

    856e3f1e873d962d86c6c065e1e158b5

  • SHA1

    57778be8ba2e9ab8a972abdc0e9d20318b0805fa

  • SHA256

    c988416e94db430ee34f7f8e1d323201e1184289a066c7e85cae323946358b5c

  • SHA512

    f697fc7862a4f0da786e70a1ef2d17e91e9fab458ff29c2907103d7713da99cf7d1b29a86b9132ab67c542ff2675bf1ce0711b194285f9b9d743d145172619f7

  • SSDEEP

    98304:f77Pmq33rE/JDLPWZADUGer7B6iY74M/umlwXVZ:3+R/eZADUXR

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

xwm.dynuddns.com:8889

Attributes
  • communication_password

    cba52b50d9cf77a308a6bedcd075f95e

  • tor_process

    tor

Signatures

  • Bitrat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2856-74-0x0000000000400000-0x00000000007E4000-memory.dmp
    .exe windows x86
