General

  • Target

    retards_rat.xxx

  • Size

    3.8MB

  • Sample

    240623-1nb9xatcpd

  • MD5

    590439aa5b90aa1ed9e9f1a5209f5ab6

  • SHA1

    22851e716ffe9b05c3e579e9650e9922d4efaf10

  • SHA256

    797e12d92006fae3fdd603573d613592e80e678e6da4de4faede6b95c790b932

  • SHA512

    ca02fa43fb32de79eb6e1f1c6a4bb31dfa62276906fdd749e76897c78a1dd8af48f0f0650ac2e68490b9e1d453f0159c187f3ba3d932f11a6690b1b336bcadfe

  • SSDEEP

    98304:d77Pmq33rE/JDLPWZADUGer7B6iY74M/vmlwXVZ4FB:5+R/eZADUXR

Score
10/10

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

47.75.99.242:1234

Attributes
  • communication_password

    81dc9bdb52d04dc20036dbd8313ed055

  • tor_process

    tor

Targets

    • BitRAT

      BitRAT is a remote access tool written in C++ that uses leaked source code from other families.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks
