badrabbit | hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

https://github.com/D...

windows10-1703-x64

Resubmissions

09-05-2024 20:23

240509-y58y4afh39 1

03-05-2024 11:30

240503-nl9feafd78 10

03-05-2024 11:28

240503-nlhbxsfd55 4

03-05-2024 11:25

240503-nh81gadc71 10

Sharing

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
Sample

240503-nl9feafd78

Score

10^/10

badrabbit mimikatz ransomware

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware

Resource

win10-20240404-en

badrabbit mimikatz ransomware

windows10-1703-x64

16 signatures

1800 seconds

Malware Config

Targets

- Target
  
  https://github.com/Da2dalus/The-MALWARE-Repo/tree/master/Ransomware
Score

10^/10

badrabbit mimikatz ransomware
- BadRabbit
  Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
  ransomware badrabbit
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

badrabbitmimikatzransomware

© 2018-2024

Terms | Privacy