bruteratel | ed46794369d1377f08db50ca1a09957e2c227c070a1ac7e8473921eac13c4e95 | Triage

Submit
Reports

Overview

overview

Static

static

3

68d5942fb1...18.exe

windows7-x64

68d5942fb1...18.exe

windows10-2004-x64

Sharing

General

Target

68d5942fb1a7d275058960718d468ee4_JaffaCakes118
Size

88KB
Sample

241022-epvxraweqe
MD5

68d5942fb1a7d275058960718d468ee4
SHA1

2da4bc3989e2b450686045ab1d2c2d0ea82df4e7
SHA256

ed46794369d1377f08db50ca1a09957e2c227c070a1ac7e8473921eac13c4e95
SHA512

6d9e538a212208b53cb63e47f5189c702657f2b54f32f4d3ca29935c6fe03c5049c96b5a6e561063f2b055257f418cfc89aba1115bed4f99cd3455c307149d32
SSDEEP

1536:esrUFJekIsHnOCaRIj0oCudDF9DXQIdgikEH7m0:B4FJekXHjaRU0/IDFNQIdgrI

Score

10^/10

bruteratel backdoor discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

68d5942fb1a7d275058960718d468ee4_JaffaCakes118.exe

Resource

win7-20240903-en

bruteratel backdoor discovery upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

68d5942fb1a7d275058960718d468ee4_JaffaCakes118.exe

Resource

win10v2004-20241007-en

bruteratel backdoor discovery upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  68d5942fb1a7d275058960718d468ee4_JaffaCakes118
- Size
  
  88KB
- MD5
  
  68d5942fb1a7d275058960718d468ee4
- SHA1
  
  2da4bc3989e2b450686045ab1d2c2d0ea82df4e7
- SHA256
  
  ed46794369d1377f08db50ca1a09957e2c227c070a1ac7e8473921eac13c4e95
- SHA512
  
  6d9e538a212208b53cb63e47f5189c702657f2b54f32f4d3ca29935c6fe03c5049c96b5a6e561063f2b055257f418cfc89aba1115bed4f99cd3455c307149d32
- SSDEEP
  
  1536:esrUFJekIsHnOCaRIj0oCudDF9DXQIdgikEH7m0:B4FJekXHjaRU0/IDFNQIdgrI
Score

10^/10

bruteratel backdoor discovery upx
- Brute Ratel C4
  A customized command and control framework for red teaming and adversary simulation.
  backdoor bruteratel
- Detect BruteRatel badger
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bruteratelbackdoordiscoveryupx

behavioral2

bruteratelbackdoordiscoveryupx

© 2018-2025

Terms | Privacy