MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3ea4691598800d0d5b7aa9aeaaae75c92c35a238adc57b1a49cd91d464dacae3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



BitRAT


Vendor detections: 4



SHA256 hash: 3ea4691598800d0d5b7aa9aeaaae75c92c35a238adc57b1a49cd91d464dacae3
SHA3-384 hash: 627a3eda1a541d7c80eb9667415648ffd7b6df6a5fdf814eec1d0e69d8d3dd0905fa022449711e1093eca9805518c707
SHA1 hash: 1fbc2e23b68f8db421e3f53a6d88b8adb6220fe3
MD5 hash: 6de159a55d12287671f21def0a88b833
humanhash: zebra-north-mike-green
File name: Statement.iso
Signature: BitRAT
File size: 2'308'096 bytes
First seen: 2021-01-19 13:02:45 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 49152:6gYUnpySEMB9H+5lCMnqukrKFW2bK49EZl:qUnL9HqlCMqukre9Vil
TLSH: A2B512922E04EE01E179A7B5E42A65F472EEAD04D755C50B7C8DFEB9333390A860D632
Reporter: abuse_ch
Tags: BitRAT iso RAT


abuse_ch
Malspam distributing BitRAT:

HELO: mail.getemails.host
Sending IP: 163.44.206.131
From: Account <admin@getemails.host>
Reply-To: danielren101@gmail.com
Subject: Re: Statement Update
Attachment: Statement.iso (contains "Statement.exe")

BitRAT C2:
185.157.162.107:4783

Intelligence


File Origin
# of uploads: 1
# of downloads: 154
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Threat name: Win32.Trojan.Pwsx
Status: Malicious
First seen: 2021-01-19 13:03:10 UTC
AV detection: 4 of 46 (8.70%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

BitRAT

iso 3ea4691598800d0d5b7aa9aeaaae75c92c35a238adc57b1a49cd91d464dacae3 (this sample)

Dropping: BitRAT
Delivery method: Distributed via e-mail attachment

Comments