Extracted

• • Target

    ba46fe758af56f3b802a48257400ae3b_JaffaCakes118

  • Size

    681KB

  • MD5

    ba46fe758af56f3b802a48257400ae3b

  • SHA1

    23feb167e861cb76347c67d8203ecf88ead0100e

  • SHA256

    9deea273844a59993c433e30d5bed48c2da32dfc63280b8b7ed4b0ce6f2968e8

  • SHA512

    8ca358cd43aa75d51cc3c23f6be1adc1294283db59a8b5bcee25896fc29a8e1624f662967e8a26a87c5932f27a521a181ceda74022d643a65a0b3c51e0ec4330

  • SSDEEP

    12288:jGv+NEHnC5D31a7pZN+dQAfuKonKyM2MvDnGVZu0+O:tNEHuD3YpiKAWKonUZvDGLu0n

  Score

  10^/10

  babylonratdiscoverytrojanupx

  • Babylon RAT

    Babylon RAT is remote access trojan written in C++.

    trojanbabylonrat

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Suspicious use of SetThreadContext

  behavioral1behavioral2