badrabbit | da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec | Triage

Submit
Reports

Overview

overview

Static

static

da2d865045...ec.exe

windows7_x64

6

da2d865045...ec.exe

windows10_x64

Sharing

General

Target

da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec
Size

880KB
Sample

210515-3d3txfglhn
MD5

ba92eb82a0d8e11e398699805443ddfb
SHA1

1be55fa2dfb0d523160a96294f15f08d5af65808
SHA256

da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec
SHA512

24e59f57f059e683abf567c77b78d7899888c8c8f419aa1429e2d22b6c01b6d835a7d532d4c58e0a075dc9b41bd959df3c06f1239fd32ccbd071e672275764f3

Score

10^/10

badrabbit ransomware

Static task

static1

Behavioral task

behavioral1

Sample

da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe

Resource

win10v20210410

badrabbit ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec
- Size
  
  880KB
- MD5
  
  ba92eb82a0d8e11e398699805443ddfb
- SHA1
  
  1be55fa2dfb0d523160a96294f15f08d5af65808
- SHA256
  
  da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec
- SHA512
  
  24e59f57f059e683abf567c77b78d7899888c8c8f419aa1429e2d22b6c01b6d835a7d532d4c58e0a075dc9b41bd959df3c06f1239fd32ccbd071e672275764f3
Score

10^/10

badrabbit ransomware
- BadRabbit
  Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
  ransomware badrabbit
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

badrabbitransomware

© 2018-2025

Terms | Privacy