Overview

overview

10

Static

static

1

CLOUDFLA.exe

windows7-x64

10

CLOUDFLA.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    35c34967d389c069ea5a70aaa4dad290.bin

  • Size

    31.7MB

  • Sample

    230302-blsfnsae4y

  • MD5

    35c34967d389c069ea5a70aaa4dad290

  • SHA1

    408be5f4c36b93cf651b08f1f37d2b938aeee596

  • SHA256

    31d7d798d1cde0d978be8aece150160aa2e4da4ce9e5e85972dc2e15e8c8d03b

  • SHA512

    c8f486243c4afffeeef071cce2b17b3eb3d5cfe8b9f1c093103be6e2a5d10af6a90a9e881edd5bbf5a76fccb7490b56e490fc244c9057aca2fca2f2d2a677ba5

  • SSDEEP

    786432:nQRwdPcRhvUvAtRNW0sm2CGFSXOSmL5NDBsX9LsD73e48:QRwdPcRavyu0F2zFz5De9LW7e48

Score
10/10
babadedacrypterevasionloadertrojan

Malware Config

Targets

    • Target

      CLOUDFLA.EXE

    • Size

      30.9MB

    • MD5

      edf02789603a77a4c7b42dd8091babe0

    • SHA1

      75a4690028051f5eb8df5195a5bec283066b8420

    • SHA256

      8f3bb770ad8cafcabe4eba9f67ba79f353ddee4caf30532e724bdeb15489df64

    • SHA512

      c696ff8989b47a94a960154d2a26d5b93f3a7a19c5582ff649d5e67faddc746b3d7fe86adf42023bf2bc22759bf5d9af38ab5863a760f997b9288ec02d620b79

    • SSDEEP

      786432:SQRwdPcRhvUvAtRNW0sm2CGFSXOSmL5NDBsX9LsD73e486:1RwdPcRavyu0F2zFz5De9LW7e486

    Score
    10/10
    babadedacrypterevasionloadertrojan

    • Babadeda

      Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

      loadercrypterbabadeda

    • Babadeda Crypter

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks