babadeda | 5096934b3f97efee0dfc0f5d2b10ee1c78be523238a6f2685b58d36b8ff80cdd | Triage

Submit
Reports

Overview

overview

Static

static

1

aspose.msi

windows10-1703-x64

aspose.msi

windows10-2004-x64

Sharing

General

Target

aspose.msi
Size

5.8MB
Sample

230903-gc8zysgf96
MD5

c3798ee9903ba07a6608ad0778d422d3
SHA1

b12ee580df86de2cabf8a921bc9652ad1e874f20
SHA256

5096934b3f97efee0dfc0f5d2b10ee1c78be523238a6f2685b58d36b8ff80cdd
SHA512

5c0afd03d9de60d1643f8db33609b478e95f0e3a7bdeffca2ad858175716ec7565fdcf90b125235a5c894049fd992485ffcf1b425db96719c6b9ad825359fb60
SSDEEP

98304:T+XA2HC4mqHqaPkxQ0FLXKhs7oS+YIAknI6cI1UEqBr95:FGHqaPUQ0xa17xAkafEqd

Score

10^/10

babadeda lumma crypter loader stealer

Static task

static1

Behavioral task

behavioral1

Sample

aspose.msi

Resource

win10-20230831-en

babadeda lumma crypter loader stealer

windows10-1703-x64

14 signatures

60 seconds

Behavioral task

behavioral2

Sample

aspose.msi

Resource

win10v2004-20230831-en

babadeda lumma crypter loader stealer

windows10-2004-x64

13 signatures

60 seconds

Malware Config

Targets

- Target
  
  aspose.msi
- Size
  
  5.8MB
- MD5
  
  c3798ee9903ba07a6608ad0778d422d3
- SHA1
  
  b12ee580df86de2cabf8a921bc9652ad1e874f20
- SHA256
  
  5096934b3f97efee0dfc0f5d2b10ee1c78be523238a6f2685b58d36b8ff80cdd
- SHA512
  
  5c0afd03d9de60d1643f8db33609b478e95f0e3a7bdeffca2ad858175716ec7565fdcf90b125235a5c894049fd992485ffcf1b425db96719c6b9ad825359fb60
- SSDEEP
  
  98304:T+XA2HC4mqHqaPkxQ0FLXKhs7oS+YIAknI6cI1UEqBr95:FGHqaPUQ0xa17xAkafEqd
Score

10^/10

babadeda lumma crypter loader stealer
- Babadeda
  Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
  loader crypter babadeda
- Babadeda Crypter
- Lumma Stealer
  An infostealer written in C++ first seen in August 2022.
  stealer lumma
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babadedalummacrypterloaderstealer

behavioral2

babadedalummacrypterloaderstealer

© 2018-2024

Terms | Privacy