General
Target: 2024-07-25_d7ad0cdda235608cb4afb702562fdcfd_bad-rabbit_eternalpetya
Size: 431KB
Sample: 240725-l4gr1avgka
MD5: d7ad0cdda235608cb4afb702562fdcfd
SHA1: 358699a2bc63d26030f88b6287b07aaeb69680c5
SHA256: 06d269411d74cbc6026eab2776a7cded68dd3380b7e1b890f15d2210d2ff376f
SHA512: 4e269eb4a0d11f54d2e3ce167471b3a52cb4cb33f0766c420c0553db48c95f41c2a73fe1257669a63893a2a3e9cb0c1920a516d1ba780faea3f46e97260d2636
SSDEEP: 12288:BHNTywFAvN86pLbqWRKHZKfErrZJyZ0yqsGO3XR6:vT56NbqWRwZaEr3yt2O3XR6
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-25_d7ad0cdda235608cb4afb702562fdcfd_bad-rabbit_eternalpetya.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2024-07-25_d7ad0cdda235608cb4afb702562fdcfd_bad-rabbit_eternalpetya.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 2024-07-25_d7ad0cdda235608cb4afb702562fdcfd_bad-rabbit_eternalpetya
Score: 10/10
-
BadRabbit
Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
-
mimikatz is an open source tool to dump credentials on Windows
-
Executes dropped EXE
-
Loads dropped DLL
-