bitrat | ca90a2014f3fcf373516b62575649dfa84005a5bba929be80732076a72e5b249 | Triage

Submit
Reports

Overview

overview

Static

static

1

mark.exe

windows7-x64

Sharing

General

Target

mark.exe
Size

4.0MB
Sample

240117-kesbrsbgel
MD5

f81daa62b8a7faba9b529b0c87d3caa2
SHA1

0df66176605d810ccb12644e3c94c2de703ce1d5
SHA256

ca90a2014f3fcf373516b62575649dfa84005a5bba929be80732076a72e5b249
SHA512

065e4f88cdb4a16390475ed49c86046208e8db01313e34b09cc4965234f92ac371488a65a57c06ea27802aea9c75a4afdf59724e193e2c2a218128e43f054be0
SSDEEP

49152:0yX+ajZM0IE8omYWh5gu/8qaR2ihf6TI76DPPjhVTZW3bGnWjZ5wVg76Dcj741a0:0yXDdIE2YcGuUfRPhfoHTYeQOVgua0

Score

10^/10

bitrat redline infostealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

mark.exe

Resource

win7-20231215-en

bitrat redline infostealer trojan

windows7-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

serese.duckdns.org:20612

Attributes

communication_password
81dc9bdb52d04dc20036dbd8313ed055
tor_process
tor

Targets

- Target
  
  mark.exe
- Size
  
  4.0MB
- MD5
  
  f81daa62b8a7faba9b529b0c87d3caa2
- SHA1
  
  0df66176605d810ccb12644e3c94c2de703ce1d5
- SHA256
  
  ca90a2014f3fcf373516b62575649dfa84005a5bba929be80732076a72e5b249
- SHA512
  
  065e4f88cdb4a16390475ed49c86046208e8db01313e34b09cc4965234f92ac371488a65a57c06ea27802aea9c75a4afdf59724e193e2c2a218128e43f054be0
- SSDEEP
  
  49152:0yX+ajZM0IE8omYWh5gu/8qaR2ihf6TI76DPPjhVTZW3bGnWjZ5wVg76Dcj741a0:0yXDdIE2YcGuUfRPhfoHTYeQOVgua0
Score

10^/10

bitrat redline infostealer trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bitratredlineinfostealertrojan

© 2018-2024

Terms | Privacy