Extracted

• • Target

    0568f1eff0b3da74fd0f2ee51f6d12003c2471d05e547d5b7fb8d8a075d94cfd

  • Size

    3.8MB

  • MD5

    d1644422f803c81a6125aeb367ae7feb

  • SHA1

    ca59a64e8390d02331b273adc39ad19ef3149aa6

  • SHA256

    0568f1eff0b3da74fd0f2ee51f6d12003c2471d05e547d5b7fb8d8a075d94cfd

  • SHA512

    52732163630ec168ca31f67463ba818fbbbbc779a5d8a61af545fa25fd459086bdfe6686bf716660e9be90b8569b4ae67757feeff1000e245ab53998644d6dbd

  • SSDEEP

    98304:d77Pmq33rE/JDLPWZADUGer7B6iY74M/5mlwXVZ4FB:5+R/eZADUXR

  Score

  10^/10

  bitrattrojan

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2