Overview

overview

10

Static

static

10

Babylon/Ba...AT.exe

windows7-x64

10

Babylon/Ba...AT.exe

windows10-2004-x64

10

Babylon/Ob...ew.dll

windows7-x64

1

Babylon/Ob...ew.dll

windows10-2004-x64

1

Babylon/SH...U$.url

windows7-x64

6

Babylon/SH...U$.url

windows10-2004-x64

3

Babylon/Sh...GI.dll

windows7-x64

1

Babylon/Sh...GI.dll

windows10-2004-x64

1

Babylon/Sh...D1.dll

windows7-x64

1

Babylon/Sh...D1.dll

windows10-2004-x64

1

Babylon/Sh...10.dll

windows7-x64

1

Babylon/Sh...10.dll

windows10-2004-x64

1

Babylon/SharpDX.dll

windows7-x64

1

Babylon/SharpDX.dll

windows10-2004-x64

1

Babylon/Theme.dll

windows7-x64

1

Babylon/Theme.dll

windows10-2004-x64

1

Resubmissions

06-05-2024 03:14

240506-drhjrsfc3x 10

06-05-2024 03:08

240506-dm8kdsaa57 10

Analysis

  • max time kernel
    194s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    06-05-2024 03:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Babylon/SHARED_BY_EX0DU$.url

  • Size

    122B

  • MD5

    45e196c9cd4b31ff54da34c2a85b048d

  • SHA1

    4452d6198e4686a48051ebfc4d3b43dbfd297cac

  • SHA256

    4397640c30eeb22f42de973a35fb025c30781074b4a0e5d4b4d78db3e2e3fb15

  • SHA512

    6e39b0eb0d769e3463fc5fdd06a8b4e7dde151cbc9ae63e04f47dde60ff5533012604ab0f381c995f4bfca709e81fbcd47579ba039e607a2aa11de3e5314266e

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Babylon\SHARED_BY_EX0DU$.url
    1⤵
    • Checks whether UAC is enabled
    PID:824
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1668
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1668 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1956

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    2c8f9397fbe1d442d53fc94f52cc2ec5

    SHA1

    3e1cc76cf3752e971550bec90612a6a35a5c6218

    SHA256

    d7e7ac9bb9564dda9a6489fe4143c71e270ec6816500a89ce65ea99ee8bdef28

    SHA512

    ff8c2a1292d094958748075f78248302007e920bc131c6f53a5288a0656d71b31382b2fe4d7e69099cb87d6f997fee98d80c7b4cfb8ade1cde033a4f9a81d8a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb4a465bf4d962bd6ad522b7d512c75f

    SHA1

    9652a8810f7720c6d1dbd6d3f5f96430a59b2f33

    SHA256

    f1ec1f29b36400e3295bf9c2d59045af760d5c85e3cd03378446b66a204324aa

    SHA512

    76a016cb631d532d051680f4b4d4f636e9ed19351773b87708c47f7d15116c4e92d078be4d6c0927eafa60adddac7ed25646e3f061708290858ca7df420f9fe2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33cd1965b30a217d24be2a19609e8ed6

    SHA1

    fc64c7c949bfeb21746dfb99b7ba4de9724f9fda

    SHA256

    2cb6a44ff2a27965b9092e60d2235eece9293fdf7697e608689f8eba3a80f881

    SHA512

    d0e9735bcf02a7558b96eebfb5d7099589e3b65465fc9a0e983f7527f3bb2cd24ff5ede9352614dcea4249f3b9385a104c340bb36d9f4026255704fa0e74cd78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05dca08963bdc4392f05970850948ac7

    SHA1

    3c669ceb667c420a65d80daf5b3568a0744e4070

    SHA256

    b2c50805658b5dc60b8be076df9d66a08a4f20e51d9496fb779e3f532e22a50e

    SHA512

    d2a8c2a4987b5cd36844e198c89488da231d2a80c4ba8377b4dc82d6565dc31ac2938beb27858e569c3f8e37f393ebd8929681196509e6d3e0716b7c0a2d9ee0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce0f5c0533470880327e5c92d8333ccf

    SHA1

    166dffd88ec7f5eca0fb7e2ad6cda4151b8c06e4

    SHA256

    a625168ce8e89c2c2033d8989e3f58da556f1ffd2ec501947f8ff51df092064a

    SHA512

    6923627137374f599325488d02fac65a78b127340238586ca48f328385d5eadc812b121e66c99c3ad35dc644327f17c08004a4a6516d159bd2d27429e452ebf4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba8704b92737a9a9510d099ec4cee893

    SHA1

    38588529329b3800d15ee23e1c39a744e8cd3c44

    SHA256

    8055bcfe254ffe0223ba77c4299a8d98846fe54d3157a34a171fae17b7691fc5

    SHA512

    f3fd184d953c95157dd51436103dabd32c5f9ecc28266bd53c4b8e69b1a9abc25483a9377eed910c1b7d9dd160950ebdc30f121f6244f6d53ddfaf57ed6bbc79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f236f0c093e316af75534fab3da0c2b4

    SHA1

    ef4ebbe53a2d2765971fb2d01c6df07b05537947

    SHA256

    a7bd5ddfb5abd0e748ea3b1eb59580319bacfcf937218fac0376b614e2cf366f

    SHA512

    e1350c68f2c86dbfaedcd29686d5d3d39c9b97cde07ce64d3eb3b989e78c38d9c4bfd70c78da8437f221c65ed4866d171f281cf2bb8831ee597b2f78720538b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d67a13d84d99213435f0d0d67387bf41

    SHA1

    df7a3be6b051f3176f27f54d5c1485130ee51cf4

    SHA256

    4d49c40645c5f39f13f182c82a8cae4119ca9e21932ced91299d7030ee82743b

    SHA512

    128c95233d142b4c11d35967c4f5f995be09e9002f46620830e830e51a7132777ecc2c6b22647322560ec20c524550d9657e0c21c6ad3200fff3700535ef6d2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43b163e5e1abd0c51e042cb7fe7e3cac

    SHA1

    7336eed6fcd3c0959c08be4cc902ce415c275e4c

    SHA256

    22d103eb05438aa9d7656b47abffbb06c0d2ee3c64cf0de634a639f444f319e4

    SHA512

    04e8f1bcc13773d75b3b7c2cd548873e7db36507c37c471d3e2a199e9ee29accc8921ebde721beae78693213e3f2f0c53a65d7d80f1e88d436eb5e40fb172e90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88c7144ac3ea64f3fa1b067e586cd7a8

    SHA1

    942fae8617227e296357dbbbc7ab9546ae7523c8

    SHA256

    e49efb6e1416816eed5e080fb94df50c996db215e24fdaa6f69b05a8b98f8531

    SHA512

    cac1949d0ddc5c18705e93f8b468c34f0095f1f6366c9ff0f55a3bb41653f309f071563490d3f8d0c8d5bcabe988b42c280a9c5dce98ae3508826271ce53e48e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5022d06f7429b4b1eee38888e7d6655

    SHA1

    d5eaacb1f25fc9abe2c9ac04b9f76b4caf9af6a6

    SHA256

    e3ab82c3e8f4524ebf5eaf79b991ac00ebf120befffb7583891efa246fd39874

    SHA512

    4e8a02b5e89bcbd1dc90c90ef3fc09ab336ba40712d340d1f8d621f389ec0fd27e36895893bdf564446f2b44ff04e61e23008603d06228791b6b651089814a10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1f836c038f605c7aab3cf26e3648834f

    SHA1

    6afa3ebf94deb5359c25138d8caee900a5e71030

    SHA256

    bb34659ff9bba5a757f5099ae791c8843973396c10ed0aa9239f9d18ccd3568d

    SHA512

    211ff58ddd17a004bb680d6d1632d80541b40089fcc2748782b6d54dd3b0165916b342ed9cd04748e790c123d4e62948f19be02db32670f10c5761b150506286

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95992a43c5c2be157a0663e902e70a15

    SHA1

    c0e40e74f775267beec4f902ab9bd36f3e166ad3

    SHA256

    2b8bb8997852c4f8b0272cc7173a9ddcbd74e48299fc7f5cf68ec8ea0fe2a5eb

    SHA512

    ab2120052080f68286ebca2050ee3b4ca452b23661b4e6b90ece2e25cad655f852f5ed9d2fc920613fc89f19bbf006d7b5274f1a4767e5ffe9035ca101f39dbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ca4b513cc3f75f3eeac083c3db8edc6

    SHA1

    8028ea69a96ffdccd84a74defc060474d50834c8

    SHA256

    46e28d05592040c4a1ef67499602b470ac12521f34b8080b7722965c8311009f

    SHA512

    8cbd0ef65d4fed9009470b75fd00ed9ea67f7538f19b990179f7c852d40fc921588e541ced00ca5cd9d555a51fcb61abc2b4e9b7b2b0904bee625bdc2d937887

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    047595efb35945088e3dc4bc34e00229

    SHA1

    a2d5ace2e4243272e42c6d952861e3b36dd71660

    SHA256

    ad860804d1712aa2af59f181967a9bb878ae3375cf8c6c0cad1dc933134588c7

    SHA512

    ecec05a721ebcd640877cc946e8cc614eae2f3fd7eb84fa60443642c37fc696971c92349fd174fa707524dcf6d55fe301767d4888dd7aa4365688e65e667b88d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d68dd3c1e1d7f02666a19b4399293eaa

    SHA1

    0e6360ec58a7c7d029b3656dc55d4ad1b9e37d83

    SHA256

    c4ed7f91ac4ce39022524865e3b5fd5ebb14a8ff25935727bad26d5d87b48a60

    SHA512

    5b6f76719f9b1d61603bc6fcabd6a5e69a0731776dafb9e0348ab24de014f6405ecff0cb09a1c01c976355d7bb84f693c6fba0a4be3560dbeb20f90f6f632988

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3652ad904602c7db34c792f67a40d52c

    SHA1

    23fe5d97bb8eb38bad08869c1e098581123a2907

    SHA256

    dde384131231307e2bd65070c5dfa5faf04ebab8cf4f911652e32f9d8d3c3546

    SHA512

    7df9d382bea03ad892b7a708238d32f241438c265dcf920fff6d2acfb5d39ea437243853fd9ec8e9da1d34e727e8836ff1019b6691f87346cb545d4c8f1ee3e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7f37fc632b731a7c076a1a1f64f1897

    SHA1

    9c7fb6bace3759c0827ef170cd51a691777e874a

    SHA256

    39669c73127fd3bfd86dd931b2e79a2b6e9b2a9696674f911e7ebad7ba5798bd

    SHA512

    35183bce249ecd207776c529611bdd8593fc68a4444a9e88307b7fe3d6cdf949a444bee81138a0c68a84a6986bae3d1ef2493de7637350b7e868bc24edf7bf7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0fb5d9294d1333cfb1008c6193838ac

    SHA1

    9e19f55735907910ccc48b6b3e0947a247bc586f

    SHA256

    820f97e74d88559afeb0fd39688abe9efea27d05ce8b6c812d93660c762c61a3

    SHA512

    6aedbf42808154abad8693343265e541462fde141d157041676768c0ae0cb8cbbc9acff25d5a6474ce362ee7783740fe4a1c8884975d8d5585f8817a2f855078

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    509bc907a38a199628f45c460535c2c2

    SHA1

    13feffd9afbc7ef0ff81a8e8135f9655ef938699

    SHA256

    413d7a7ff8a0d03cb6b2e50626879fb545bc6ef8f7b6a1b8117c6a8889844ab5

    SHA512

    34db532ee0693ad05004d860871d985c0a453a4c6fa6f0f7601347bc855ba6d446b1067d220a7327e6e12de5ed55379fc7bdd041fae2a95ffaaa3bd829ae5132

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2764.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • memory/824-0-0x0000000000150000-0x0000000000160000-memory.dmp

    Filesize

    64KB

    Download