bitrat | 08b44be5d6721d2b20fa1de5fa8d1f80d84d9d424f6fefc06b01a9a81670aec8 | Triage

Submit
Reports

Overview

overview

Static

static

1

8924a53be4...77.exe

windows7-x64

8924a53be4...77.exe

windows10-2004-x64

Sharing

General

Target

8924a53be46439d1c258a10b59596b77
Size

3.0MB
Sample

231219-yjqkmahhg4
MD5

8924a53be46439d1c258a10b59596b77
SHA1

6cf13347e475772a66e67f5f529a908956dfd00d
SHA256

08b44be5d6721d2b20fa1de5fa8d1f80d84d9d424f6fefc06b01a9a81670aec8
SHA512

b322d44280e7eff437d0c429f6cfd7af7cf05ea0a8598a9dd42a89b1b6712a1c5f80f1a676d7e1eaf71188f82b68e5c32078e3b376efea97c81df2d594b8eeab
SSDEEP

49152:YJXZRkXRxWCBu72E76E5jXVL5w9lmVOALga7n0Yy:Ky

Score

10^/10

bitrat trojan

Static task

static1

Behavioral task

behavioral1

Sample

8924a53be46439d1c258a10b59596b77.exe

Resource

win7-20231215-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8924a53be46439d1c258a10b59596b77.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

194.33.45.3:4898

Attributes

communication_password
89ec00ac3524ab4f7edd70785d23e302
tor_process
tor

Targets

- Target
  
  8924a53be46439d1c258a10b59596b77
- Size
  
  3.0MB
- MD5
  
  8924a53be46439d1c258a10b59596b77
- SHA1
  
  6cf13347e475772a66e67f5f529a908956dfd00d
- SHA256
  
  08b44be5d6721d2b20fa1de5fa8d1f80d84d9d424f6fefc06b01a9a81670aec8
- SHA512
  
  b322d44280e7eff437d0c429f6cfd7af7cf05ea0a8598a9dd42a89b1b6712a1c5f80f1a676d7e1eaf71188f82b68e5c32078e3b376efea97c81df2d594b8eeab
- SSDEEP
  
  49152:YJXZRkXRxWCBu72E76E5jXVL5w9lmVOALga7n0Yy:Ky
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Nirsoft
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy