bitrat | 1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac | Triage

Submit
Reports

Overview

overview

Static

static

A0D576575C...A7.exe

windows7-x64

A0D576575C...A7.exe

windows10-2004-x64

Sharing

General

Target

A0D576575C443902F50BA9DBF937E3A7.exe
Size

3.8MB
Sample

240224-y4zc9sed4v
MD5

a0d576575c443902f50ba9dbf937e3a7
SHA1

2a0c612e172e19f8da5115c5c0fb5bd9c6bd9a1f
SHA256

1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac
SHA512

326b276400d6703c5416b506f5e36e63c30c282765bb3bd730c20d0697277400f90855a7301e4a278db79b6c6126a417fd964047508d4fe4a7d85883d96c2f50
SSDEEP

98304:d77Pmq33rE/JDLPWZADUGer7B6iY74M/dmlwXVZ4FB:5+R/eZADUXR

Score

10^/10

bitrat trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

A0D576575C443902F50BA9DBF937E3A7.exe

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

A0D576575C443902F50BA9DBF937E3A7.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

87.98.177.182:3131

Attributes

communication_password
3c3662bcb661d6de679c636744c66b62
tor_process
tls

Targets

- Target
  
  A0D576575C443902F50BA9DBF937E3A7.exe
- Size
  
  3.8MB
- MD5
  
  a0d576575c443902f50ba9dbf937e3a7
- SHA1
  
  2a0c612e172e19f8da5115c5c0fb5bd9c6bd9a1f
- SHA256
  
  1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac
- SHA512
  
  326b276400d6703c5416b506f5e36e63c30c282765bb3bd730c20d0697277400f90855a7301e4a278db79b6c6126a417fd964047508d4fe4a7d85883d96c2f50
- SSDEEP
  
  98304:d77Pmq33rE/JDLPWZADUGer7B6iY74M/dmlwXVZ4FB:5+R/eZADUXR
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy