bitrat | f4c06b5a5e05514eae99a568da52d486cec115eceeff1b814217e60b845c0592 | Triage

Sharing

General

Target

ac699cd9c851cca2acf025657c5792f0_JaffaCakes118
Size

5.5MB
Sample

240819-yykb6axepk
MD5

ac699cd9c851cca2acf025657c5792f0
SHA1

1afe48edc49e018329e35a4d8ffb543bee488a3f
SHA256

f4c06b5a5e05514eae99a568da52d486cec115eceeff1b814217e60b845c0592
SHA512

116bb93e95cc03d4b803c2cace8bcf45f47a44e4315cc24f9710509ec1078eb4d4679b13054d94fe6b0c74c833c8c681339739554d96220364991b383396d886
SSDEEP

98304:lVHhjviEClQVdlu3YmBZULTSGMxsBFlml+HRCfgfWQVn4yovjh2YSCSFe:PBjKEvjWYmBCKhmBDeMCSWQVn4y62YSM

Score

10^/10

bitrat discovery trojan

Malware Config

Extracted

Family

bitrat

Version

1.34

C2

185.157.162.234:54262

Attributes

communication_password
2bb232c0b13c774965ef8558f0fbd615
tor_process
tor

Targets

- Target
  
  ac699cd9c851cca2acf025657c5792f0_JaffaCakes118
- Size
  
  5.5MB
- MD5
  
  ac699cd9c851cca2acf025657c5792f0
- SHA1
  
  1afe48edc49e018329e35a4d8ffb543bee488a3f
- SHA256
  
  f4c06b5a5e05514eae99a568da52d486cec115eceeff1b814217e60b845c0592
- SHA512
  
  116bb93e95cc03d4b803c2cace8bcf45f47a44e4315cc24f9710509ec1078eb4d4679b13054d94fe6b0c74c833c8c681339739554d96220364991b383396d886
- SSDEEP
  
  98304:lVHhjviEClQVdlu3YmBZULTSGMxsBFlml+HRCfgfWQVn4yovjh2YSCSFe:PBjKEvjWYmBCKhmBDeMCSWQVn4y62YSM
Score

10^/10

bitrat discovery trojan
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bitratdiscoverytrojan

behavioral2

bitratdiscoverytrojan