babadeda | b287ca1d7e7fe40167452d4cae5a8bfbfaac8231adc71b33837a7abcdaf3b59d | Triage

Submit
Reports

Overview

overview

Static

static

ccd56bca84...7c.exe

windows7_x64

ccd56bca84...7c.exe

windows10_x64

Sharing

General

Target

ccd56bca846828d16b951b099f55ae7c.exe.vir.7z
Size

115.9MB
Sample

220219-vhxqrsbac9
MD5

015c2799b7f636fa36cc00b33980dc58
SHA1

2e90aa5929d7f723867338025541083e3e6be11e
SHA256

b287ca1d7e7fe40167452d4cae5a8bfbfaac8231adc71b33837a7abcdaf3b59d
SHA512

c1cfc048948eb5136998a25fcf2ab1be012b1a13e4ede2e518008912ed114cc193fbfa55e16d35499a2c55244f9340fd6d2ba3492362c24f7a9d22691cdb78a8

Score

10^/10

babadeda remcos crypter evasion loader rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

ccd56bca846828d16b951b099f55ae7c.exe

Resource

win7-en-20211208

babadeda remcos crypter evasion loader rat trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ccd56bca846828d16b951b099f55ae7c.exe

Resource

win10-en-20211208

babadeda remcos crypter evasion loader rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ccd56bca846828d16b951b099f55ae7c.exe.vir
- Size
  
  117.7MB
- MD5
  
  ccd56bca846828d16b951b099f55ae7c
- SHA1
  
  37641c823fc68d6e22542107a58c28247763c12a
- SHA256
  
  4c88894f3db3123130bf766ea024aa8baba4e9e1bd36d6509f61477e9e9bd345
- SHA512
  
  25395603082a94fc29c8272ee1e6abb1a602b3a81080aa2012b65623b0b46e174bc984dd3484b80d56ae770943ee41c76762c060ca93234eefd9fa24f01f843c
Score

10^/10

babadeda remcos crypter evasion loader rat trojan
- Babadeda
  Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
  loader crypter babadeda
- Babadeda Crypter
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babadedaremcoscrypterevasionloaderrattrojan

behavioral2

babadedaremcoscrypterevasionloaderrattrojan

© 2018-2025

Terms | Privacy