Resubmissions

07-02-2024 10:49

240207-mws1qsgaa4 10

07-02-2024 10:31

240207-mkk6rafgg9 10

General

  • Target

    Babylon 1.5.1.0.zip

  • Size

    127KB

  • Sample

    240207-mkk6rafgg9

  • MD5

    92f1e77a395bbedf029d0f97011823fe

  • SHA1

    85c019157ec2d5393595b975518d4fe63d636429

  • SHA256

    4f12d0dba738f2fa84c2facbac90066853b04c160f334ef218906cd3e1c1df2d

  • SHA512

    a77444204efa71c932061cadca9748a33fb4cbfa35d564af12496528d68dc2f4c0d9a2d1219790e757fe15c50e6b9b3d90991da7a9c6ddcc541b0a5b23b4babf

  • SSDEEP

    3072:AlfpYYRMBy1cvxCO0BOjS+rzkzZfgIsYnZ3E4hGlt6q8Qi+Snvky2WlZR/AIDuq9:KDuqJtf01VSgE29xxspm0niivuz3Y9SE

Score
10/10

Targets

    • Target

      Babylon 1.5.1.0.zip

    Score
    10/10
    • Babylon RAT

      Babylon RAT is a remote access trojan written in C++.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
