Overview

overview

10

Static

static

3

0a249bd7ff...66.dll

windows10-2004-x64

1

0a249bd7ff...66.dll

windows10-ltsc 2021-x64

1

0a249bd7ff...66.dll

windows11-21h2-x64

1

0a249bd7ff...66.dll

windows7-x64

1

0ba5ecdc64...c5.dll

windows10-2004-x64

1

0ba5ecdc64...c5.dll

windows10-ltsc 2021-x64

1

0ba5ecdc64...c5.dll

windows11-21h2-x64

1

0ba5ecdc64...c5.dll

windows7-x64

1

178bba8686...67.dll

windows10-2004-x64

1

178bba8686...67.dll

windows10-ltsc 2021-x64

1

178bba8686...67.dll

windows11-21h2-x64

1

178bba8686...67.dll

windows7-x64

1

1c85c44ead...98.dll

windows10-2004-x64

1

1c85c44ead...98.dll

windows10-ltsc 2021-x64

1

1c85c44ead...98.dll

windows11-21h2-x64

1

1c85c44ead...98.dll

windows7-x64

1

63caf6bc06...bf.dll

windows10-2004-x64

1

63caf6bc06...bf.dll

windows10-ltsc 2021-x64

1

63caf6bc06...bf.dll

windows11-21h2-x64

1

63caf6bc06...bf.dll

windows7-x64

1

920baac34e...e7.dll

windows10-2004-x64

1

920baac34e...e7.dll

windows10-ltsc 2021-x64

1

920baac34e...e7.dll

windows11-21h2-x64

1

920baac34e...e7.dll

windows7-x64

1

c3439bcb0e...d5.dll

windows10-2004-x64

10

c3439bcb0e...d5.dll

windows10-ltsc 2021-x64

10

c3439bcb0e...d5.dll

windows11-21h2-x64

10

c3439bcb0e...d5.dll

windows7-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25-10-2024 10:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c3439bcb0ee6d1bda33ef15a3d1d040c331e77d5.dll

  • Size

    724KB

  • MD5

    12d56ac4ed9cadb4f6f54c7bd7fdfeb6

  • SHA1

    c3439bcb0ee6d1bda33ef15a3d1d040c331e77d5

  • SHA256

    c6c697d658dd221f27a8d58e79a478646877ac6afcf0cbe2ce919862f3889c6b

  • SHA512

    1a6737f4977b2a0e94498edda635cb09d1ea63ee0072fedec16f1227d99d602298e60d091fd958494b4a6b7730f8c11c670c1164ac57a8c7e7aeb98deb3390b0

  • SSDEEP

    12288:+h/M5nsxW5fFcrGn7Q21Svj07MGpmeSM6C4LWYv1AoMVPPynuJskZVjSKUCWnkoD:+rr+VPPnJs3KUCWkC3r

Score
10/10
bruteratelbackdoor

Malware Config

Signatures

  • Brute Ratel C4

    A customized command and control framework for red teaming and adversary simulation.

    backdoorbruteratel
  • Detect BruteRatel badger 1 IoCs
  • Blocklisted process makes network request 6 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c3439bcb0ee6d1bda33ef15a3d1d040c331e77d5.dll,#1
    1⤵
    • Blocklisted process makes network request
    • Suspicious behavior: EnumeratesProcesses
    PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2580-0-0x000002587D4F0000-0x000002587D52E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2580-1-0x000002587D4F0000-0x000002587D52E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2580-2-0x000002587D530000-0x000002587D57C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/2580-11-0x000002587D4F0000-0x000002587D52E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2580-12-0x000002587D530000-0x000002587D57C000-memory.dmp

    Filesize

    304KB

    Download