bitrat | 426bc8bac5cb97b5340b0f347cc70024fb5cc64041149ad923c815aedaf17a7a

Resubmissions

17-04-2024 11:59

240417-n55assfe71 10

17-04-2024 11:59

17-04-2024 11:59

17-04-2024 11:59

17-04-2024 11:59

17-04-2024 06:14

Sharing

Copy URL

Twitter E-mail

General

Target

426bc8bac5cb97b5340b0f347cc70024fb5cc64041149ad923c815aedaf17a7a
Size

7.8MB
MD5

dbcb8a833677953edaf640b4d627895c
SHA1

688d21022848bddd94d1cf45d351cac0214c46be
SHA256

426bc8bac5cb97b5340b0f347cc70024fb5cc64041149ad923c815aedaf17a7a
SHA512

a789c91d86a0d09a62b12e1b11d97ed1410ec91d24f09fcc459d88432fa1a8a6bfccbf8427a68f950f2b3a13142668dfc21414c76867330babc4c13bb3553c15
SSDEEP

196608:OIRcbH4jSteTGvaxwhzav1yo31CPwDv3uFZjeg2EeJUO9WLQkDxtw3iFFrS6XOfm:OdHsfuaxwZ6v1CPwDv3uFteg2EeJUO9a

Score

10^/10

bitrat

Malware Config

Extracted

Family

bitrat

Version

1.38

sef7qgz77oamhl5gimls62lekmig5ormf6dcgftblhaxt2cn7emkbuid.onion:80

Attributes

communication_password
81dc9bdb52d04dc20036dbd8313ed055
install_dir
appdata
install_file
HealthCheck.exe
tor_process
WebDebugger

Signatures

Bitrat family
bitrat
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

426bc8bac5cb97b5340b0f347cc70024fb5cc64041149ad923c815aedaf17a7a

resource
426bc8bac5cb97b5340b0f347cc70024fb5cc64041149ad923c815aedaf17a7a

Files

426bc8bac5cb97b5340b0f347cc70024fb5cc64041149ad923c815aedaf17a7a
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 688KB - Virtual size: 687KB

.data Size: 72KB - Virtual size: 103KB

.gfids Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 4.0MB - Virtual size: 4.0MB

.reloc Size: 147KB - Virtual size: 146KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 688KB - Virtual size: 687KB

.data
Size: 72KB - Virtual size: 103KB

.gfids
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

.reloc
Size: 147KB - Virtual size: 146KB