babylonrat | 4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebf | Triage

Submit
Reports

Overview

overview

Static

static

5

4b020e512f...fN.exe

windows7-x64

4b020e512f...fN.exe

windows10-2004-x64

Sharing

General

Target

4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebfN
Size

1.4MB
Sample

241025-1kvl3svfmc
MD5

19ef79416734ed2c19e14778f3492830
SHA1

f7b278023891bc8cf9452b45c9a49b908b3ee012
SHA256

4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebf
SHA512

d16142a282c4918aaef36299eba0b339085d587473bc30635bc8e4091543b924e57f832bba93a0fb1399ce6799cc7b05571e497d4fdb42ca996357ff15651f73
SSDEEP

24576:MAHnh+eWsN3skA4RV1Hom2KXMmHal6Tayml+2DlX+eW+zO5Zq2WLCnZyhl9vISJe:rh+ZkldoPK8YalEaRY2D8ecgXhlCv

Score

10^/10

babylonrat discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebfN.exe

Resource

win7-20241010-en

babylonrat discovery trojan upx

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebfN.exe

Resource

win10v2004-20241007-en

babylonrat discovery trojan upx

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebfN
- Size
  
  1.4MB
- MD5
  
  19ef79416734ed2c19e14778f3492830
- SHA1
  
  f7b278023891bc8cf9452b45c9a49b908b3ee012
- SHA256
  
  4b020e512f2fedbc6cbcf046222d21fd169ae2a21ce943838100423275aadebf
- SHA512
  
  d16142a282c4918aaef36299eba0b339085d587473bc30635bc8e4091543b924e57f832bba93a0fb1399ce6799cc7b05571e497d4fdb42ca996357ff15651f73
- SSDEEP
  
  24576:MAHnh+eWsN3skA4RV1Hom2KXMmHal6Tayml+2DlX+eW+zO5Zq2WLCnZyhl9vISJe:rh+ZkldoPK8YalEaRY2D8ecgXhlCv
Score

10^/10

babylonrat discovery trojan upx
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- Babylonrat family
  babylonrat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babylonratdiscoverytrojanupx

behavioral2

babylonratdiscoverytrojanupx

© 2018-2024

Terms | Privacy