Overview

overview

10

Static

static

1

ClipPlusCo...ns.msi

windows7-x64

10

ClipPlusCo...ns.msi

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ClipPlusCommunitySetup_ns.zip

  • Size

    17.0MB

  • Sample

    240131-zwlb4sceb5

  • MD5

    89c3080450032840bb51a80be936d69e

  • SHA1

    b2b8cc29fa2b5a75b1254f164c4c9c8ec6742392

  • SHA256

    1120c72e96423635515bd260a0d9b219a6a7d17eca7f21d2ab63e3a6d2319539

  • SHA512

    8df5a216dad1a77f6c0495e893d236ce73c3707ff94e35cce75c9d963647cc6878ca781574c1c06b240e10b5e926b8204de7488786130d0e1d9ab03bb811f901

  • SSDEEP

    393216:QLIGp071zZfacj5sdJl4IhyPrPAkQFh2QiqS7GDacp5pDkLgpnHdWeneOjfGiKWt:NGp0/SJjhyUkQO6S7GDacp5poydnlfGm

Score
10/10
babadedacrypterloader

Malware Config

Targets

    • Target

      ClipPlusCommunitySetup_ns.msi

    • Size

      17.1MB

    • MD5

      b82ada91e8742234257d9cad38deebfe

    • SHA1

      d1278efa9729f955de1dbfcfe53550e67212ff9b

    • SHA256

      3c8a05c5e2b599db85700ff9334a778efd2a99f6b4a1852aa0c129ba6039f834

    • SHA512

      676d29697382b1375c7da26fcd6af20a7c5fb9f0f506c951c7280c7da12778d40fcfb1ef50653628123edf6cba8308d43a4945489a5f6b58e67dcc61d6fd373b

    • SSDEEP

      393216:bnEbwdw5PBbXDqPiHNTS3ByWhGhz3iQw0FHufQMfh1GD6QGhNgqx9OPNQNI62vhp:wbwdwnBtcFhG1w0MVZ1GD6QGhNpwsIn/

    Score
    10/10
    babadedacrypterloader

    • Babadeda

      Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

      loadercrypterbabadeda

    • Babadeda Crypter

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks