bitrat | 00f90cda9f514832ed2e3d6c232ad0677b2bad1550719cf2a02f1988980942ff | Triage

Sharing

General

Target

9d60e01d9595b6c66499c8bf32c2ea65
Size

3.9MB
Sample

240215-jv913scd3x
MD5

9d60e01d9595b6c66499c8bf32c2ea65
SHA1

619e2c8bf88d90c5982b22176597ec2525a88ce1
SHA256

00f90cda9f514832ed2e3d6c232ad0677b2bad1550719cf2a02f1988980942ff
SHA512

11fee982a4ded0f498b51a707e0622fc7d49de25e69bf7def6772e71997fcec18a3fc352b22eff260663f77abbda6dcc52daa406d1478d5ab02992245f7fda38
SSDEEP

98304:yU2vuU2djpabFxBaSpKHm/E/QJi3WpQnoE7/AWTM7/YlnuvzKf83e:KaOFxsPH/rWpQnoEDA0+Ylnb8

Score

10^/10

bitrat trojan

Malware Config

Targets

- Target
  
  9d60e01d9595b6c66499c8bf32c2ea65
- Size
  
  3.9MB
- MD5
  
  9d60e01d9595b6c66499c8bf32c2ea65
- SHA1
  
  619e2c8bf88d90c5982b22176597ec2525a88ce1
- SHA256
  
  00f90cda9f514832ed2e3d6c232ad0677b2bad1550719cf2a02f1988980942ff
- SHA512
  
  11fee982a4ded0f498b51a707e0622fc7d49de25e69bf7def6772e71997fcec18a3fc352b22eff260663f77abbda6dcc52daa406d1478d5ab02992245f7fda38
- SSDEEP
  
  98304:yU2vuU2djpabFxBaSpKHm/E/QJi3WpQnoE7/AWTM7/YlnuvzKf83e:KaOFxsPH/rWpQnoEDA0+Ylnb8
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2