bitrat | 1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac | Triage

Sharing

General

Target

1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac.exe
Size

3.8MB
Sample

240225-fjrhtacf8w
MD5

a0d576575c443902f50ba9dbf937e3a7
SHA1

2a0c612e172e19f8da5115c5c0fb5bd9c6bd9a1f
SHA256

1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac
SHA512

326b276400d6703c5416b506f5e36e63c30c282765bb3bd730c20d0697277400f90855a7301e4a278db79b6c6126a417fd964047508d4fe4a7d85883d96c2f50
SSDEEP

98304:d77Pmq33rE/JDLPWZADUGer7B6iY74M/dmlwXVZ4FB:5+R/eZADUXR

Score

10^/10

bitrat trojan

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

87.98.177.182:3131

Attributes

communication_password
3c3662bcb661d6de679c636744c66b62
tor_process
tls

Targets

- Target
  
  1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac.exe
- Size
  
  3.8MB
- MD5
  
  a0d576575c443902f50ba9dbf937e3a7
- SHA1
  
  2a0c612e172e19f8da5115c5c0fb5bd9c6bd9a1f
- SHA256
  
  1d80fee1f9266fe2738f514614449d5dedb2374293e7489ec54d61c7d5634bac
- SHA512
  
  326b276400d6703c5416b506f5e36e63c30c282765bb3bd730c20d0697277400f90855a7301e4a278db79b6c6126a417fd964047508d4fe4a7d85883d96c2f50
- SSDEEP
  
  98304:d77Pmq33rE/JDLPWZADUGer7B6iY74M/dmlwXVZ4FB:5+R/eZADUXR
Score

10^/10

bitrat trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2