babadeda

General

Target

700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
Size

16.5MB
Sample

240410-nyqh3ahf9y
MD5

e3ffe9b1db336ca7f34e0f26215d4ee4
SHA1

3ec434df80529311342401ac7a7acd066e19c90f
SHA256

700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
SHA512

71168c55f1c159d48b11f951fae2c8686fc66e4e1ba57f5bc2904cc06af71d096ebc60220745133c83c5a06682621736c6f73261658af5ab086b5831f91c9a8b
SSDEEP

196608:jtxgKFeSqv70qJ3uf0jox2m1eKFL3mKLzmi3S4s8EzR:rgKHpqJ3ussx2R+L3mKnPSXV

Score

10^/10

Malware Config

Targets

- Target
  
  700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
- Size
  
  16.5MB
- MD5
  
  e3ffe9b1db336ca7f34e0f26215d4ee4
- SHA1
  
  3ec434df80529311342401ac7a7acd066e19c90f
- SHA256
  
  700b05fede8afe3573b6fec81452d4b09c29adb003cdacb762c8b53d84709901
- SHA512
  
  71168c55f1c159d48b11f951fae2c8686fc66e4e1ba57f5bc2904cc06af71d096ebc60220745133c83c5a06682621736c6f73261658af5ab086b5831f91c9a8b
- SSDEEP
  
  196608:jtxgKFeSqv70qJ3uf0jox2m1eKFL3mKLzmi3S4s8EzR:rgKHpqJ3ussx2R+L3mKnPSXV
Score

10^/10

babadeda outsteel crypter discovery loader spyware stealer
- Babadeda
  Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
  loader crypter babadeda
- Babadeda Crypter
- OutSteel
  OutSteel is a file uploader and document stealer written in AutoIT.
  stealer outsteel
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2