bitrat | 00f90cda9f514832ed2e3d6c232ad0677b2bad1550719cf2a02f1988980942ff | Triage

Sharing

General

Target

9d60e01d9595b6c66499c8bf32c2ea65
Size

3.9MB
Sample

240215-jv913scd3x
MD5

9d60e01d9595b6c66499c8bf32c2ea65
SHA1

619e2c8bf88d90c5982b22176597ec2525a88ce1
SHA256

00f90cda9f514832ed2e3d6c232ad0677b2bad1550719cf2a02f1988980942ff
SHA512

11fee982a4ded0f498b51a707e0622fc7d49de25e69bf7def6772e71997fcec18a3fc352b22eff260663f77abbda6dcc52daa406d1478d5ab02992245f7fda38
SSDEEP

98304:yU2vuU2djpabFxBaSpKHm/E/QJi3WpQnoE7/AWTM7/YlnuvzKf83e:KaOFxsPH/rWpQnoEDA0+Ylnb8

Score

10^/10

bitrat trojan

Malware Config

Targets

- Target
  
  9d60e01d9595b6c66499c8bf32c2ea65
- Size
  
  3.9MB
- MD5
  
  9d60e01d9595b6c66499c8bf32c2ea65
- SHA1
  
  619e2c8bf88d90c5982b22176597ec2525a88ce1
- SHA256
  
  00f90cda9f514832ed2e3d6c232ad0677b2bad1550719cf2a02f1988980942ff
- SHA512
  
  11fee982a4ded0f498b51a707e0622fc7d49de25e69bf7def6772e71997fcec18a3fc352b22eff260663f77abbda6dcc52daa406d1478d5ab02992245f7fda38
- SSDEEP
  
  98304:yU2vuU2djpabFxBaSpKHm/E/QJi3WpQnoE7/AWTM7/YlnuvzKf83e:KaOFxsPH/rWpQnoEDA0+Ylnb8
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2