General

  • Target

    2024-07-25_d7ad0cdda235608cb4afb702562fdcfd_bad-rabbit_eternalpetya

  • Size

    431KB

  • Sample

    240725-l4gr1avgka

  • MD5

    d7ad0cdda235608cb4afb702562fdcfd

  • SHA1

    358699a2bc63d26030f88b6287b07aaeb69680c5

  • SHA256

    06d269411d74cbc6026eab2776a7cded68dd3380b7e1b890f15d2210d2ff376f

  • SHA512

    4e269eb4a0d11f54d2e3ce167471b3a52cb4cb33f0766c420c0553db48c95f41c2a73fe1257669a63893a2a3e9cb0c1920a516d1ba780faea3f46e97260d2636

  • SSDEEP

    12288:BHNTywFAvN86pLbqWRKHZKfErrZJyZ0yqsGO3XR6:vT56NbqWRwZaEr3yt2O3XR6

Targets

    • BadRabbit

      Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.

    • Mimikatz

      mimikatz is an open source tool to dump credentials on Windows.

    • Executes dropped EXE

    • Loads dropped DLL
