General
-
Target
700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
-
Size
16.5MB
-
Sample
240410-nyqh3ahf9y
-
MD5
e3ffe9b1db336ca7f34e0f26215d4ee4
-
SHA1
3ec434df80529311342401ac7a7acd066e19c90f
-
SHA256
700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
-
SHA512
71168c55f1c159d48b11f951fae2c8686fc66e4e1ba57f5bc2904cc06af71d096ebc60220745133c83c5a06682621736c6f73261658af5ab086b5831f91c9a8b
-
SSDEEP
196608:jtxgKFeSqv70qJ3uf0jox2m1eKFL3mKLzmi3S4s8EzR:rgKHpqJ3ussx2R+L3mKnPSXV
Malware Config
Targets
-
-
Target
700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
-
Size
16.5MB
-
MD5
e3ffe9b1db336ca7f34e0f26215d4ee4
-
SHA1
3ec434df80529311342401ac7a7acd066e19c90f
-
SHA256
700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
-
SHA512
71168c55f1c159d48b11f951fae2c8686fc66e4e1ba57f5bc2904cc06af71d096ebc60220745133c83c5a06682621736c6f73261658af5ab086b5831f91c9a8b
-
SSDEEP
196608:jtxgKFeSqv70qJ3uf0jox2m1eKFL3mKLzmi3S4s8EzR:rgKHpqJ3ussx2R+L3mKnPSXV
Score10/10-
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
-
Babadeda Crypter
-
OutSteel
OutSteel is a file uploader and document stealer written in AutoIT.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-