bitrat | 3fe6b840e057a28be8300bacbc4c2fe7f3c2711911206cad2e6a6e6a2e5207e3 | Triage

Submit
Reports

Overview

overview

Static

static

1

The Predic....8.msi

windows7-x64

The Predic....8.msi

windows10-2004-x64

Sharing

General

Target

The Predictor 7.6.8.msi
Size

9.9MB
Sample

240120-v38c1aebe7
MD5

e93294aa36d5ffa52e3288e9b68aa97e
SHA1

4bc3b7d7aa86cc9cce78222f22dc49d1e3496879
SHA256

3fe6b840e057a28be8300bacbc4c2fe7f3c2711911206cad2e6a6e6a2e5207e3
SHA512

e8564a98c6621fdfc47bf24118088e468e14ad4e94de505ed2698f66065218d901736f0fc03983cb88ac064f12d3bbc19640771a3524abda727b954109003da1
SSDEEP

196608:asXAv5pYll8mqqYJeTTtzJVMHw2RFxiKhf6NEGRn2N9CdE:X6ClakfTt9Vf0FxLoNHR2mC

Score

10^/10

bitrat trojan

Static task

static1

Behavioral task

behavioral1

Sample

The Predictor 7.6.8.msi

Resource

win7-20231215-en

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

The Predictor 7.6.8.msi

Resource

win10v2004-20231215-en

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

185.157.162.126:443

Attributes

communication_password
a76d949640a165da25ccfe9a8fd82c8a
tor_process
tor

Targets

- Target
  
  The Predictor 7.6.8.msi
- Size
  
  9.9MB
- MD5
  
  e93294aa36d5ffa52e3288e9b68aa97e
- SHA1
  
  4bc3b7d7aa86cc9cce78222f22dc49d1e3496879
- SHA256
  
  3fe6b840e057a28be8300bacbc4c2fe7f3c2711911206cad2e6a6e6a2e5207e3
- SHA512
  
  e8564a98c6621fdfc47bf24118088e468e14ad4e94de505ed2698f66065218d901736f0fc03983cb88ac064f12d3bbc19640771a3524abda727b954109003da1
- SSDEEP
  
  196608:asXAv5pYll8mqqYJeTTtzJVMHw2RFxiKhf6NEGRn2N9CdE:X6ClakfTt9Vf0FxLoNHR2mC
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy