bruteratel | 0d9d65a1f9c447584a022a866fed2399bf8b42e2a0087a786e87087bba1e18f1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

Document-20-18-07.js

windows7-x64

Document-20-18-07.js

windows10-2004-x64

Sharing

General

Target

Document-20-18-07.js
Size

339KB
Sample

241003-y8ejnaydka
MD5

75e64bec47916e4860cb6b151fcbaed6
SHA1

0102db540317b48d319cfb5b3538e364ff2bac6b
SHA256

0d9d65a1f9c447584a022a866fed2399bf8b42e2a0087a786e87087bba1e18f1
SHA512

208d0b1239c531d34f3bba59a950cf0b791e85870c6cc4512327733010e02fb4b932d98ff13d40cb758636453ad3bdc84509a1c0778facf47a56ecb79a8daee7
SSDEEP

6144:TnOwLgNJEXMI/ptQxobwi+a0xPr4fTpJ2Ll29NOzWC22hFMPPr6wWHclWErffr+:q6gNJEXhBtmobwi+bMT2LlKOztPFmGHd

Score

10^/10

bruteratel backdoor discovery execution

Static task

static1

Behavioral task

behavioral1

Sample

Document-20-18-07.js

Resource

win7-20240903-en

bruteratel backdoor discovery execution

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Document-20-18-07.js

Resource

win10v2004-20240802-en

bruteratel backdoor discovery execution

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Document-20-18-07.js
- Size
  
  339KB
- MD5
  
  75e64bec47916e4860cb6b151fcbaed6
- SHA1
  
  0102db540317b48d319cfb5b3538e364ff2bac6b
- SHA256
  
  0d9d65a1f9c447584a022a866fed2399bf8b42e2a0087a786e87087bba1e18f1
- SHA512
  
  208d0b1239c531d34f3bba59a950cf0b791e85870c6cc4512327733010e02fb4b932d98ff13d40cb758636453ad3bdc84509a1c0778facf47a56ecb79a8daee7
- SSDEEP
  
  6144:TnOwLgNJEXMI/ptQxobwi+a0xPr4fTpJ2Ll29NOzWC22hFMPPr6wWHclWErffr+:q6gNJEXhBtmobwi+bMT2LlKOztPFmGHd
Score

10^/10

bruteratel backdoor discovery execution
- Brute Ratel C4
  A customized command and control framework for red teaming and adversary simulation.
  backdoor bruteratel
- Bruteratel family
  bruteratel
- Detect BruteRatel badger
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bruteratelbackdoordiscoveryexecution

behavioral2

bruteratelbackdoordiscoveryexecution

© 2018-2025

Terms | Privacy