Resubmissions

28/06/2023, 17:10

230628-vppzhabd3t 8

28/06/2023, 02:36

230628-c3wp4agb39 8

28/06/2023, 01:50

230628-b9a7asha4v 8

27/06/2023, 21:44

230627-1lw7asge5v 4

27/06/2023, 20:53

230627-zpdzfsfe24 4

General

  • Target

    Badlion Client Setup 3.16.0.exe

  • Size

    129.3MB

  • Sample

    230628-c3wp4agb39

  • MD5

    7c3a7f421537d2320e71cd80320dda25

  • SHA1

    d538c158632582338e9e341685890adcf97e7cff

  • SHA256

    938f0f59b235568981600a40bf7d6b0f7d01199405729fcd1fd26c0f52c9d3c4

  • SHA512

    f77b16d938d34a975a7081271159e436b1c67a25a7246cb0f10d072e8b009b0f9bf7b777cb77d650ee6e171366449200ff3d56ad6074338e21534c6d91842201

  • SSDEEP

    3145728:yYj7E+aREYwAT2roh0SgtY0NtZns6FUEF:Pj7QrTwoWSetZnsWUE

Targets

    • Target

      Badlion Client Setup 3.16.0.exe

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
