General

  • Target

    BitRat Cracked.rar

  • Size

    61.5MB

  • Sample

    241228-tpq15aznep

  • MD5

    69e70ea13901ae86789b3455813a1334

  • SHA1

    3e9e1d9948b23b8fa21650b51e941155bcc068c8

  • SHA256

    a2af34ebcde526aa98df7040bad86bd7b7a3bc70ed343187bcc9e490447d3662

  • SHA512

    c500fd9cc2b50330e7ba6ec590f6bf61c18d665c737b743cf218226db18e067b0221f4c6771ab954ebdd1a3faa891480e0da2fbd364a60fda0eb86fce9fb3be5

  • SSDEEP

    1572864:rInKJelI4pTXuQ06hwwou2u6u/RwXh8LOzHS:rInKstT+Q06hww9Ou/RwR2OG

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

127.0.0.1:7777

Attributes
  • communication_password

    81dc9bdb52d04dc20036dbd8313ed055

  • install_dir

    Install path

  • install_file

    Install name

  • tor_process

    tor

Targets

    • Target

      BitRat Cracked.rar

    • BitRAT

      BitRAT is a remote access tool written in C++ that uses leaked source code from other families.

    • Bitrat family

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
