babylonrat | 92bd69c3130ecb7a5113f9a5c2dc8463e16e21e6db3414cf0a8342c4dab702e1 | Triage

Submit
Reports

Overview

overview

Static

static

niggas.exe

windows10-1703-x64

Sharing

General

Target

niggas.exe
Size

355KB
Sample

240828-bbz3rsyfmg
MD5

427d3738eeb619ef2c1ef2510baac15c
SHA1

1b53ba2b409632de07ba41bd9a1aa62330ab4568
SHA256

92bd69c3130ecb7a5113f9a5c2dc8463e16e21e6db3414cf0a8342c4dab702e1
SHA512

fbe735a7107d4eb6272d98da93ad6db9ab172eec5532217c2289bf4bc676ffa287924d63c0d8f8b0adba76be92a6f2f7880bee0ab5bd85c7ac14df52b1b3645c
SSDEEP

6144:iL1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19erV:iLdcfxaeM6fy/KaVUtgKkTZ73coNRJe

Score

10^/10

babylonrat discovery persistence trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

niggas.exe

Resource

win10-20240611-en

babylonrat discovery persistence trojan upx

windows10-1703-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  niggas.exe
- Size
  
  355KB
- MD5
  
  427d3738eeb619ef2c1ef2510baac15c
- SHA1
  
  1b53ba2b409632de07ba41bd9a1aa62330ab4568
- SHA256
  
  92bd69c3130ecb7a5113f9a5c2dc8463e16e21e6db3414cf0a8342c4dab702e1
- SHA512
  
  fbe735a7107d4eb6272d98da93ad6db9ab172eec5532217c2289bf4bc676ffa287924d63c0d8f8b0adba76be92a6f2f7880bee0ab5bd85c7ac14df52b1b3645c
- SSDEEP
  
  6144:iL1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19erV:iLdcfxaeM6fy/KaVUtgKkTZ73coNRJe
Score

10^/10

babylonrat discovery persistence trojan upx
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babylonratdiscoverypersistencetrojanupx

© 2018-2024

Terms | Privacy