bitrat | 23ac6a9a61ddc568b82e23d19873e1756be1450cd9989f698be3d18f083f24aa[.]bin[.]sample

Resubmissions

09-04-2024 13:11

240409-qe3emafg95 10

09-04-2024 13:11

09-04-2024 13:10

09-04-2024 13:10

10-07-2021 10:36

Sharing

Copy URL

Twitter E-mail

General

Target

23ac6a9a61ddc568b82e23d19873e1756be1450cd9989f698be3d18f083f24aa.bin.sample
Size

5.2MB
MD5

0bff2eb7cf8fbbf17ff6594b09101e3b
SHA1

bfa77a5afa5d45aa178edc14361ca2a5825c96f5
SHA256

23ac6a9a61ddc568b82e23d19873e1756be1450cd9989f698be3d18f083f24aa
SHA512

0861b861e3579ea7867515cea737f811b28bdc689fe24a8e89d1cd9c47d621eb76488a444406d604e0ac860d5f4a8ec73d931828d4281372ad7827af61e73f13
SSDEEP

98304:3mcwWGj36qlPEo+AiJGIvKL10DGXPXbgkIjqNFHBAMSEFkU9WFn5fG2iD8ND3+P:2BP7lPEo+Phu3LjIjqjHBqEFPEF579Nr

Score

10^/10

upx bitrat

Malware Config

Signatures

BitRAT payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/out.upx	family_bitrat

Bitrat family
bitrat
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
23ac6a9a61ddc568b82e23d19873e1756be1450cd9989f698be3d18f083f24aa.bin.sample
unpack001/out.upx

Files

23ac6a9a61ddc568b82e23d19873e1756be1450cd9989f698be3d18f083f24aa.bin.sample
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.1MB

UPX1 Size: 5.2MB - Virtual size: 5.2MB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 78KB - Virtual size: 126KB

.gfids Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 4.0MB - Virtual size: 4.0MB

UPX0
Size: - Virtual size: 4.1MB

UPX1
Size: 5.2MB - Virtual size: 5.2MB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 78KB - Virtual size: 126KB

.gfids
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 4.0MB - Virtual size: 4.0MB