bruteratel | 04c031ecbff301c0c7c55c8c9352dea457370b221c314710e2e94575b8caf45b | Triage

Resubmissions

15-03-2024 08:35

240315-khfr5scb41 10

08-03-2024 06:28

240308-g8rqjsac9y 10

Sharing

General

Target

bac03e7065835ff2e82f01801740a5e0
Size

1.3MB
Sample

240315-khfr5scb41
MD5

bac03e7065835ff2e82f01801740a5e0
SHA1

2bf512bc4f3d6f1bece40073ddedadad65264166
SHA256

04c031ecbff301c0c7c55c8c9352dea457370b221c314710e2e94575b8caf45b
SHA512

a2ee185a51f1ee7d53a622013ccb9f47c9893f304dce3413d53399ad3d757ed0dd7782f8dbe3f60c8f19c9f69fd40fc8fbb3b59aa09279871a3ee50878f50d97
SSDEEP

24576:r4VrnNUc9BJxetHXQf/R4GdfEzh7B905zfXKkfz+bVILjMxuY:cFNlYXI/R4GduL05zfXdfgVILY1

Score

10^/10

bruteratel backdoor

Malware Config

Targets

- Target
  
  bac03e7065835ff2e82f01801740a5e0
- Size
  
  1.3MB
- MD5
  
  bac03e7065835ff2e82f01801740a5e0
- SHA1
  
  2bf512bc4f3d6f1bece40073ddedadad65264166
- SHA256
  
  04c031ecbff301c0c7c55c8c9352dea457370b221c314710e2e94575b8caf45b
- SHA512
  
  a2ee185a51f1ee7d53a622013ccb9f47c9893f304dce3413d53399ad3d757ed0dd7782f8dbe3f60c8f19c9f69fd40fc8fbb3b59aa09279871a3ee50878f50d97
- SSDEEP
  
  24576:r4VrnNUc9BJxetHXQf/R4GdfEzh7B905zfXKkfz+bVILjMxuY:cFNlYXI/R4GduL05zfXdfgVILY1
Score

10^/10

bruteratel backdoor
- Brute Ratel C4
  A customized command and control framework for red teaming and adversary simulation.
  backdoor bruteratel
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bruteratelbackdoor

behavioral2

bruteratelbackdoor