General

  • Target

    54375a390c52d783d96492938d05920567a0232c2c22436161e83f21745b7711_JC.exe

  • Size

    967KB

  • Sample

    230906-w2f3ssaf9w

  • MD5

    29e932d3d12d1811d99691acb7f228bc

  • SHA1

    4c67dd3dbb393ba68e602ed43223001bb88d94e4

  • SHA256

    54375a390c52d783d96492938d05920567a0232c2c22436161e83f21745b7711

  • SHA512

    39d2e21c86b5fd3bac702837f7c95ffe6a0119f9647998e0496a14a6c1f0f81f65fc331977ea16bc4a041d000d80942aa374538c9f9016e6e59f9eac01cdf98f

  • SSDEEP

    24576:BqDEvCTbMWu7rQYlBQcBiT6rprG8aNrpmD:BTvC/MTQYxsWR7aNo

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

xwm.dynuddns.com:8889

Attributes
  • communication_password

    cba52b50d9cf77a308a6bedcd075f95e

  • tor_process

    tor

Targets

    • Target

      54375a390c52d783d96492938d05920567a0232c2c22436161e83f21745b7711_JC.exe

    • Size

      967KB

    • MD5

      29e932d3d12d1811d99691acb7f228bc

    • SHA1

      4c67dd3dbb393ba68e602ed43223001bb88d94e4

    • SHA256

      54375a390c52d783d96492938d05920567a0232c2c22436161e83f21745b7711

    • SHA512

      39d2e21c86b5fd3bac702837f7c95ffe6a0119f9647998e0496a14a6c1f0f81f65fc331977ea16bc4a041d000d80942aa374538c9f9016e6e59f9eac01cdf98f

    • SSDEEP

      24576:BqDEvCTbMWu7rQYlBQcBiT6rprG8aNrpmD:BTvC/MTQYxsWR7aNo

    Score
    10/10
    • BitRAT

      BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    • Blocklisted process makes network request

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
