babylonrat | 77e22b511cd236cae46f55e50858aea174021a1cd431beaa5e7839a9d062e4c7 | Triage

Submit
Reports

Overview

overview

Static

static

3

PDFview.exe

windows7-x64

PDFview.exe

windows10-2004-x64

Sharing

General

Target

PDFview.exe
Size

301.0MB
Sample

240828-n2dcxaxblf
MD5

bc598aa0d798948e0d1a9184e0e4be5e
SHA1

8c20b018a33092be4b73c569380ae463d956aec1
SHA256

77e22b511cd236cae46f55e50858aea174021a1cd431beaa5e7839a9d062e4c7
SHA512

822f98b256dd75cbfe4ab720cacff4b60cfa18922ac259e8cb99cf57cb8b7ec6e69df9c6ba8179d19001c16aaea9f546ec17ac43b6c19f4de924a98d68eb0ab2
SSDEEP

6291456:iIVKn0F7r0SL1Q2VlTstG5AP6dRM9o/bILtQXIEqpIc32:iIInAfd5z4sZdRBMOXtq2cm

Score

10^/10

babylonrat discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

PDFview.exe

Resource

win7-20240708-en

babylonrat discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

PDFview.exe

Resource

win10v2004-20240802-en

babylonrat discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

babylonrat

C2

64.176.65.152

Targets

- Target
  
  PDFview.exe
- Size
  
  301.0MB
- MD5
  
  bc598aa0d798948e0d1a9184e0e4be5e
- SHA1
  
  8c20b018a33092be4b73c569380ae463d956aec1
- SHA256
  
  77e22b511cd236cae46f55e50858aea174021a1cd431beaa5e7839a9d062e4c7
- SHA512
  
  822f98b256dd75cbfe4ab720cacff4b60cfa18922ac259e8cb99cf57cb8b7ec6e69df9c6ba8179d19001c16aaea9f546ec17ac43b6c19f4de924a98d68eb0ab2
- SSDEEP
  
  6291456:iIVKn0F7r0SL1Q2VlTstG5AP6dRM9o/bILtQXIEqpIc32:iIInAfd5z4sZdRBMOXtq2cm
Score

10^/10

babylonrat discovery trojan upx
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babylonratdiscoverytrojanupx

behavioral2

babylonratdiscoverytrojanupx

© 2018-2024

Terms | Privacy