Overview

overview

10

Static

static

10

Shampion E...V2.exe

windows7-x64

10

Shampion E...V2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Shampion External V2.exe

  • Size

    355KB

  • Sample

    240417-s92spaga4x

  • MD5

    1183f72c91a0522b09172dd91c3bc670

  • SHA1

    38b1ea5cd1111092d5b37c518024e9676d3984ac

  • SHA256

    b8cc7d58c881ec6cc33c5c88a482a6406c98ad264d1903958e83d709cbae189a

  • SHA512

    ed09a78a8334e9db1da712bc0a24369d2ed23bd6e2b49b9f711bcf9cabe35c8d8bd7cfca7f88d4b2f3f0a511dc479528f8dc33490aafbc929bbdd5209cd0243a

  • SSDEEP

    6144:EL1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19:ELdcfxaeM6fy/KaVUtgKkTZ73coNRJ

Score
10/10
babylonrattrojanupx

Malware Config

Extracted

Family

babylonrat

C2

178.237.235.15

Targets

    • Target

      Shampion External V2.exe

    • Size

      355KB

    • MD5

      1183f72c91a0522b09172dd91c3bc670

    • SHA1

      38b1ea5cd1111092d5b37c518024e9676d3984ac

    • SHA256

      b8cc7d58c881ec6cc33c5c88a482a6406c98ad264d1903958e83d709cbae189a

    • SHA512

      ed09a78a8334e9db1da712bc0a24369d2ed23bd6e2b49b9f711bcf9cabe35c8d8bd7cfca7f88d4b2f3f0a511dc479528f8dc33490aafbc929bbdd5209cd0243a

    • SSDEEP

      6144:EL1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19:ELdcfxaeM6fy/KaVUtgKkTZ73coNRJ

    Score
    10/10
    babylonrattrojanupx

    • Babylon RAT

      Babylon RAT is remote access trojan written in C++.

      trojanbabylonrat

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks