babylonrat | e8eefab37fec532a017d60a2851ed8aff3f4589028e9ca6794d100ea758bddb1 | Triage

Submit
Reports

Overview

overview

Static

static

BABYLON.exe

windows7-x64

BABYLON.exe

windows10-2004-x64

Sharing

General

Target

BABYLON.exe
Size

355KB
Sample

230629-r43mcsee5z
MD5

072428ed08c736d6f81aea71741389b8
SHA1

6efa1a089267ce56b1962f2f93e5564256d38a1e
SHA256

e8eefab37fec532a017d60a2851ed8aff3f4589028e9ca6794d100ea758bddb1
SHA512

f53ba351383eaa4f375b89032f974215b808b0e50591a430e552e29d43a327da4ed028d5cd01e4a1d7b332b6fcfd21cc6609d54cd88a5ce4909df0c7cd393c15
SSDEEP

6144:9L1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19N:9LdcfxaeM6fy/KaVUtgKkTZ73coNRJN

Score

10^/10

babylonrat trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

BABYLON.exe

Resource

win7-20230621-en

babylonrat trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

BABYLON.exe

Resource

win10v2004-20230621-en

babylonrat trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

babylonrat

C2

179.43.162.58

Targets

- Target
  
  BABYLON.exe
- Size
  
  355KB
- MD5
  
  072428ed08c736d6f81aea71741389b8
- SHA1
  
  6efa1a089267ce56b1962f2f93e5564256d38a1e
- SHA256
  
  e8eefab37fec532a017d60a2851ed8aff3f4589028e9ca6794d100ea758bddb1
- SHA512
  
  f53ba351383eaa4f375b89032f974215b808b0e50591a430e552e29d43a327da4ed028d5cd01e4a1d7b332b6fcfd21cc6609d54cd88a5ce4909df0c7cd393c15
- SSDEEP
  
  6144:9L1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19N:9LdcfxaeM6fy/KaVUtgKkTZ73coNRJN
Score

10^/10

babylonrat trojan upx
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

babylonrattrojanupx

behavioral2

babylonrattrojanupx

© 2018-2024

Terms | Privacy