Overview

overview

10

Static

static

3

371b336da9...34.exe

windows7-x64

10

371b336da9...34.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    371b336da91abd01bf0522c7cbf47934

  • Size

    2.9MB

  • Sample

    231231-p9jekaggc8

  • MD5

    371b336da91abd01bf0522c7cbf47934

  • SHA1

    dca225e7018a9b628f2ae0998e6a01e7576751e4

  • SHA256

    28952976aeedba181c346d3180d389d540c7a341b69e23d92529825820c4d06e

  • SHA512

    52105ae02bab6066011e9bc9e4b06a2e79f90c92164974bc6508214c9234b04b29aeddc5715e73fe2fd93bc7b03644baf301f5e06c12243063e0361a56e55446

  • SSDEEP

    49152:x6PaI2dBi0xNC76XQX5a+8kE3Qf+d1MqVhd+qnpWu1oEcBONXobPTTZy78kx0y2A:GaRB9xN46XQX5a+WQ2v+qnp9QO+rYItI

Score
10/10
bitratzgratrattrojan

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

firewall.publicvm.com:25874

Attributes
  • communication_password

    a20ba4fb329f7dc66c0dd3562e9f9984

  • tor_process

    tor

Targets

    • Target

      371b336da91abd01bf0522c7cbf47934

    • Size

      2.9MB

    • MD5

      371b336da91abd01bf0522c7cbf47934

    • SHA1

      dca225e7018a9b628f2ae0998e6a01e7576751e4

    • SHA256

      28952976aeedba181c346d3180d389d540c7a341b69e23d92529825820c4d06e

    • SHA512

      52105ae02bab6066011e9bc9e4b06a2e79f90c92164974bc6508214c9234b04b29aeddc5715e73fe2fd93bc7b03644baf301f5e06c12243063e0361a56e55446

    • SSDEEP

      49152:x6PaI2dBi0xNC76XQX5a+8kE3Qf+d1MqVhd+qnpWu1oEcBONXobPTTZy78kx0y2A:GaRB9xN46XQX5a+WQ2v+qnp9QO+rYItI

    Score
    10/10
    bitratzgratrattrojan

    • BitRAT

      BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

      trojanbitrat

    • Detect ZGRat V1

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks