Overview

overview

10

Static

static

5

NEAS.10f85...30.exe

windows7-x64

10

NEAS.10f85...30.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.10f8511446e92c48a02474c4f65fb930.exe

  • Size

    1.5MB

  • Sample

    231025-16mhlahb2z

  • MD5

    10f8511446e92c48a02474c4f65fb930

  • SHA1

    f4005892c5c66d1cffc32b9f4c644e183dc6efb2

  • SHA256

    da19118cc78146301c2498346fd3a87999be844f3b2ad8a11e689b9e9af5b092

  • SHA512

    d161d56398743323d41033a6863b1b5aba60283f1fd59b596439aee81bb10a02656376bf03a832739ff664b0d983ac0d87926bd948ed93ffe019b2737e0c1f96

  • SSDEEP

    24576:dbCj2sObHtqQ4QqH0XlE654b4fX3fo8wBgNc2:dbCjPKNqQqH0XSucQ

Score
10/10
babylonrattrojanupx

Malware Config

Targets

    • Target

      NEAS.10f8511446e92c48a02474c4f65fb930.exe

    • Size

      1.5MB

    • MD5

      10f8511446e92c48a02474c4f65fb930

    • SHA1

      f4005892c5c66d1cffc32b9f4c644e183dc6efb2

    • SHA256

      da19118cc78146301c2498346fd3a87999be844f3b2ad8a11e689b9e9af5b092

    • SHA512

      d161d56398743323d41033a6863b1b5aba60283f1fd59b596439aee81bb10a02656376bf03a832739ff664b0d983ac0d87926bd948ed93ffe019b2737e0c1f96

    • SSDEEP

      24576:dbCj2sObHtqQ4QqH0XlE654b4fX3fo8wBgNc2:dbCjPKNqQqH0XSucQ

    Score
    10/10
    babylonrattrojanupx

    • Babylon RAT

      Babylon RAT is remote access trojan written in C++.

      trojanbabylonrat

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks