bitrat | a21f3537b93ad2f5403432e03ed4a17f0c8fa57e92d69d4f40b2c4b76550ffaa | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...44.exe

windows7-x64

JaffaCakes...44.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_060d302b02129c37141233ce0d45b544
Size

1.7MB
Sample

250106-bpcvdstmgn
MD5

060d302b02129c37141233ce0d45b544
SHA1

ee11e1f3338123d75f781f3bfffb8f7496c690be
SHA256

a21f3537b93ad2f5403432e03ed4a17f0c8fa57e92d69d4f40b2c4b76550ffaa
SHA512

e8301ff371e1a55b08edce7a57c5d53ddb90d6d52a12b8c151ca7d8c6d5488f9e05c8e83f39775d45c7b96910b65acaa00ed88fd03ef930de53f2307784ef949
SSDEEP

24576:aGAASJ+e1ne+6Iyc0mauZEpTZIc1h9A+1TcVDka13/n/nMFaWaiEpwqnyGpXS28Y:xAALe8+68auZuZ6SMJPIaoE2qne28Xo

Score

10^/10

bitrat discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_060d302b02129c37141233ce0d45b544.exe

Resource

win7-20240903-en

bitrat discovery trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_060d302b02129c37141233ce0d45b544.exe

Resource

win10v2004-20241007-en

bitrat discovery trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

185.250.148.54:4898

Attributes

communication_password
5e868314c93c46157fbd5b1adce630ff
tor_process
tor

Targets

- Target
  
  JaffaCakes118_060d302b02129c37141233ce0d45b544
- Size
  
  1.7MB
- MD5
  
  060d302b02129c37141233ce0d45b544
- SHA1
  
  ee11e1f3338123d75f781f3bfffb8f7496c690be
- SHA256
  
  a21f3537b93ad2f5403432e03ed4a17f0c8fa57e92d69d4f40b2c4b76550ffaa
- SHA512
  
  e8301ff371e1a55b08edce7a57c5d53ddb90d6d52a12b8c151ca7d8c6d5488f9e05c8e83f39775d45c7b96910b65acaa00ed88fd03ef930de53f2307784ef949
- SSDEEP
  
  24576:aGAASJ+e1ne+6Iyc0mauZEpTZIc1h9A+1TcVDka13/n/nMFaWaiEpwqnyGpXS28Y:xAALe8+68auZuZ6SMJPIaoE2qne28Xo
Score

10^/10

bitrat discovery trojan upx
- BitRAT
  BitRAT is a remote access tool written in C++ and uses leaked source code from other families.
  trojan bitrat
- Bitrat family
  bitrat
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bitratdiscoverytrojanupx

behavioral2

bitratdiscoverytrojanupx

© 2018-2025

Terms | Privacy