Overview

overview

10

Static

static

3

07756f43e7...f6.exe

windows7-x64

10

07756f43e7...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    07756f43e7e8a0f53e79c210ddb2a0f6

  • Size

    3.7MB

  • Sample

    231229-3s15yaadgk

  • MD5

    07756f43e7e8a0f53e79c210ddb2a0f6

  • SHA1

    c38c5d947fd9ecc9a326756307b3c1449dff00b7

  • SHA256

    2a0152a3160b530e6fb4b5427b10e610bb2d3b375b38d9a1437d3ead6ff4b92d

  • SHA512

    e37089aa356af57c698ae86a7d1aaf1417ebc6d055cc448ccde1148d4f01361c529559595080d9e207b29b9f4b503b4359981da34ec0d1ecded0c916c16170d6

  • SSDEEP

    98304:n372j4yiDFuXOvWn5ZTda/lt0Jj0pyC2sGiupo7Jusew:niKHvWn5JdYT090svzo7Jug

Score
10/10
bitratblisterloadertrojan

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

139.28.219.45:443

Attributes
  • communication_password

    a76d949640a165da25ccfe9a8fd82c8a

  • tor_process

    tor

Targets

    • Target

      07756f43e7e8a0f53e79c210ddb2a0f6

    • Size

      3.7MB

    • MD5

      07756f43e7e8a0f53e79c210ddb2a0f6

    • SHA1

      c38c5d947fd9ecc9a326756307b3c1449dff00b7

    • SHA256

      2a0152a3160b530e6fb4b5427b10e610bb2d3b375b38d9a1437d3ead6ff4b92d

    • SHA512

      e37089aa356af57c698ae86a7d1aaf1417ebc6d055cc448ccde1148d4f01361c529559595080d9e207b29b9f4b503b4359981da34ec0d1ecded0c916c16170d6

    • SSDEEP

      98304:n372j4yiDFuXOvWn5ZTda/lt0Jj0pyC2sGiupo7Jusew:niKHvWn5JdYT090svzo7Jug

    Score
    10/10
    bitratblisterloadertrojan

    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

      loaderblister

    • BitRAT

      BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

      trojanbitrat

    • Detect Blister loader x32

      loader

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks