babadeda | 91a2438e2f0b0572836b4e501bb22141c6908746b3891a41401a7276a03c1030 | Triage

Submit
Reports

Overview

overview

Static

static

1

ClipPlusCo...up.msi

windows7-x64

ClipPlusCo...up.msi

windows10-2004-x64

Sharing

General

Target

ClipPlusCommunitySetup.zip
Size

17.0MB
Sample

240130-1svbaaeffn
MD5

d97886f33e4198fa5d3d5e3f0b58f998
SHA1

a536bb8003e30d8822c3fdae1a5d95f3673710ae
SHA256

91a2438e2f0b0572836b4e501bb22141c6908746b3891a41401a7276a03c1030
SHA512

5706d238b4e28dddbe40f678b41e875ce4710d636b65aca5d03d46002a060b287caf3e5f3848ad0d53f8498daa16e3bb940b0094000cbd58740c137660c0942e
SSDEEP

393216:+3IE3UbhLj5zGiRQVvnMwh2tfn3J8bVMF0hDXdAD8OQtTKOULTu9VzbjfyNww9mg:PE3Ur4vFh29J82OXdAD8OQtT+eNfyNHV

Score

10^/10

babadeda crypter loader

Static task

static1

Behavioral task

behavioral1

Sample

ClipPlusCommunitySetup.msi

Resource

win7-20231215-en

babadeda crypter loader

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ClipPlusCommunitySetup.msi

Resource

win10v2004-20231215-en

babadeda crypter loader

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  ClipPlusCommunitySetup.msi
- Size
  
  17.1MB
- MD5
  
  eb64b1dbb38961bdb4c0f4b724b1ed3d
- SHA1
  
  a375bc847388cdddc6cffd57dc7f0c3d6be72cdf
- SHA256
  
  cf5d6c68811f37d9ae1a9cc62abc1987fdd8900d271fdaa01d4a84853d7db10d
- SHA512
  
  5c56b478f88002e10b3bea6ed2151a8e89e1693270effaa6ded943b1325b0d1e1a4aa9fa66fd8b372f70da86feab6cee781518bb50514dfb341a9767a01d36a7
- SSDEEP
  
  393216:QnEbwdw5PBbXDqPiHNTS3ByWhGhz3iQw0FHufQMfh1GD6QGhNgqx9OPNQNI62vho:pbwdwnBtcFhG1w0MVZ1GD6QGhNpwsIne
Score

10^/10

babadeda crypter loader
- Babadeda
  Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
  loader crypter babadeda
- Babadeda Crypter
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babadedacrypterloader

behavioral2

babadedacrypterloader

© 2018-2024

Terms | Privacy