bruteratel | f942574ac26bd3a42fab403aadd243e2bf274fd0f30d69afbed958c1b9da7157 | Triage

Sharing

General

Target

15575183075.zip
Size

399KB
Sample

240305-3ed39add89
MD5

b2801751a9b20964dbca70c1f3cd0187
SHA1

5f430966c91593b0968edcadf8ba23aed75e67ce
SHA256

f942574ac26bd3a42fab403aadd243e2bf274fd0f30d69afbed958c1b9da7157
SHA512

25b2c787202a31342ff019a8c9b25773dbe44a5bfdf43e3fcd354661ddeaf905620fab2390a17be5590a6d638bdaed56239886441e2c1593fc332f0af5f7270a
SSDEEP

12288:DHBS9ZyaiXzislcSKX6EeiKh7DcUPq3DAuZ:zw9ZyfxKqE9m7gwqz7Z

Score

10^/10

bruteratel backdoor

Malware Config

Extracted

Family

bruteratel

C2

192.168.2.5:443

Attributes

c2_auth
LIHCPED9C9IMM0M7
uri
/admin.php
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36

Targets

- Target
  
  84c38b94169f02861cf2a2b9450d057b642f2a76cf43b7fe145dd76b09d50ea2
- Size
  
  564KB
- MD5
  
  38cc0e9b4e311ff18637fb963e9fe3a1
- SHA1
  
  7555a776240311ec759a62735ae9d312ed0e6d72
- SHA256
  
  84c38b94169f02861cf2a2b9450d057b642f2a76cf43b7fe145dd76b09d50ea2
- SHA512
  
  bc081330275d6d7571ef7f5fb1ffaf78f7e6ed0e24bdd16a3bfbc3f0b34442542671b58c2561ed5967c6167d652b2d4c61e4c66d4b57c2b074c55c6dbe450630
- SSDEEP
  
  12288:PNdWZZ/Fdqh4JdSstHhP/tIGEwccymDhX:PXWZZ/Fd64HBJhP/tztNbZ
Score

10^/10

bruteratel backdoor
- Brute Ratel C4
  A customized command and control framework for red teaming and adversary simulation.
  backdoor bruteratel
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bruteratelbackdoor

behavioral2

bruteratelbackdoor