babylonrat | 57b5a6c752a24058eb51cb09a2a031f6a618ac0da644e1f91646aa088613b34b[.]exe | Triage

Sharing

General

Target

57b5a6c752a24058eb51cb09a2a031f6a618ac0da644e1f91646aa088613b34b.exe
Size

1.8MB
MD5

b484746a2fc6397abda9757fc3f978f3
SHA1

aaac8e51a69e27fc05ac2e3bde232fafaf638526
SHA256

57b5a6c752a24058eb51cb09a2a031f6a618ac0da644e1f91646aa088613b34b
SHA512

0eee94ebdf51373014e1097dc5aa9a62dc73fe4b890a5960b06b3113dac14ecb047d276a37a6380efc5f4f8256abfcac531fc7d066ee68fcea8a9ce1dcc419ba
SSDEEP

49152:F6j0TvZzNlNk3w00SZxJVgQXB/amVWP4AVcPI:o4TRRTk3w0z7yPRVcP

Score

10^/10

babylonrat

Malware Config

Signatures

Babylonrat family
babylonrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57b5a6c752a24058eb51cb09a2a031f6a618ac0da644e1f91646aa088613b34b.exe

Files

57b5a6c752a24058eb51cb09a2a031f6a618ac0da644e1f91646aa088613b34b.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ