badrabbit

General

Target

all-12078626.zip
Size

11KB
Sample

241005-x4rgzsvelc
MD5

5fac14f5172ad50ead70a756c27ccfd3
SHA1

4abe5a81e5743a976a4f0dca88ff839286744836
SHA256

997ee6948b2f95a13b69ca7320baef623b6052959577ee5d97e6ac0a3b1bd5f4
SHA512

168ce2eaf26d552e2d6305600557af6ce27a4fc2c0f9c177f0ab88c8c83d8c13cad56d0a5f2374cd7e77c60bec6f4d1229cb7c0995d8041c6c008c001de34691
SSDEEP

192:/dAwNzGFdPmh85ljwAOfN9eIpOYGETxJXDyfq15O+21WO23yr135c:VqdPma/zQ7ebYGETx5yfqPuWO23yN5c

Score

10^/10

Malware Config

Targets

- Target
  
  Ratio-Linking-Ratio-to-Formula-New-GCSE-Questions(Bt).docx
- Size
  
  13KB
- MD5
  
  a61f3089b7e993c2cfb425125cb4bcae
- SHA1
  
  05c8401b0c572ab98423770ccf39a394815a3a99
- SHA256
  
  815dfa5f4d592f76301a5f0f8ea7ecc53db9057e91b61292aee006337a17386e
- SHA512
  
  22ee0a814016a50dd32db06989544d5809652271b85b21729db976930ca9f51c9c2b22ff7948c27cd1d2a31799e0b2c4cd5c8a9ce94ab1dd20f4e99754873e31
- SSDEEP
  
  384:aN4F06wSpn0i13LU9FiKkDb3E+cLwoetwx02:kLqv13o3iVv3E+cLwoetc
Score

10^/10

badrabbit mimikatz discovery evasion persistence ransomware spyware stealer trojan
- BadRabbit
  Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
  ransomware badrabbit
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Renames multiple (72) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- mimikatz is an open source tool to dump credentials on Windows
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1