babylonrat | bf4391a80d1b0062f1f8bab43759981d971a5e8319aefb65273f3d276130c1fb | Triage

Submit
Reports

Overview

overview

Static

static

Diln External V3.exe

windows7-x64

Diln External V3.exe

windows10-2004-x64

Sharing

General

Target

Diln External V3.exe
Size

426KB
Sample

240419-qtqpdadf46
MD5

c600a79fd780a84a5fed6af7c03767b7
SHA1

dcf2a842ebdd284136ad29915e5bc2541cef306d
SHA256

bf4391a80d1b0062f1f8bab43759981d971a5e8319aefb65273f3d276130c1fb
SHA512

188ec0ace793cf024cc3cad564e6832e3564c119dbbb3313f038d45e5df7dde2aed6bf3a83ba9cfb9591b99e4dc46f0d302731d8a2ef5508049983b37e5e57b2
SSDEEP

12288:HLdcfxaeM6fy/KaVUtgKkTZ73coNRJmj:rkIZGSAtgN+eJmj

Score

10^/10

babylonrat trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Diln External V3.exe

Resource

win7-20240221-en

babylonrat trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Diln External V3.exe

Resource

win10v2004-20240226-en

babylonrat trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

babylonrat

C2

178.237.233.106

Targets

- Target
  
  Diln External V3.exe
- Size
  
  426KB
- MD5
  
  c600a79fd780a84a5fed6af7c03767b7
- SHA1
  
  dcf2a842ebdd284136ad29915e5bc2541cef306d
- SHA256
  
  bf4391a80d1b0062f1f8bab43759981d971a5e8319aefb65273f3d276130c1fb
- SHA512
  
  188ec0ace793cf024cc3cad564e6832e3564c119dbbb3313f038d45e5df7dde2aed6bf3a83ba9cfb9591b99e4dc46f0d302731d8a2ef5508049983b37e5e57b2
- SSDEEP
  
  12288:HLdcfxaeM6fy/KaVUtgKkTZ73coNRJmj:rkIZGSAtgN+eJmj
Score

10^/10

babylonrat trojan upx
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

babylonrattrojanupx

behavioral2

babylonrattrojanupx

© 2018-2024

Terms | Privacy