Overview

overview

10

Static

static

3

5969279a9d...8N.exe

windows7-x64

10

5969279a9d...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5969279a9d2c4e7f41c21cbd5aff02074bc15f15e0af4aa2762760c3dc288f28N

  • Size

    395KB

  • Sample

    241026-jljsjasakh

  • MD5

    c6fc49cbcce11aaff7c149223fc52470

  • SHA1

    71d8ecf6e3f05efb7fb4fe910e9d0262c6243fee

  • SHA256

    5969279a9d2c4e7f41c21cbd5aff02074bc15f15e0af4aa2762760c3dc288f28

  • SHA512

    ab0bf32b3954685fb0a4be1b124db1e1312f892793efd7d58df8b010b1f4c7a8ff4dd6f18e38fcb7ad9665b56806bcea7b8c8e0f3f20a5034cbc3589177caff7

  • SSDEEP

    6144:fvdA+Ss4y70u4HXs4yr0u490u4Ds4yvW8lM:fv14O0dHc4i0d90dA4X

Score
10/10
bruteratelbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      5969279a9d2c4e7f41c21cbd5aff02074bc15f15e0af4aa2762760c3dc288f28N

    • Size

      395KB

    • MD5

      c6fc49cbcce11aaff7c149223fc52470

    • SHA1

      71d8ecf6e3f05efb7fb4fe910e9d0262c6243fee

    • SHA256

      5969279a9d2c4e7f41c21cbd5aff02074bc15f15e0af4aa2762760c3dc288f28

    • SHA512

      ab0bf32b3954685fb0a4be1b124db1e1312f892793efd7d58df8b010b1f4c7a8ff4dd6f18e38fcb7ad9665b56806bcea7b8c8e0f3f20a5034cbc3589177caff7

    • SSDEEP

      6144:fvdA+Ss4y70u4HXs4yr0u490u4Ds4yvW8lM:fv14O0dHc4i0d90dA4X

    Score
    10/10
    discoverypersistencebruteratelbackdoor

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Brute Ratel C4

      A customized command and control framework for red teaming and adversary simulation.

      backdoorbruteratel

    • Bruteratel family

      bruteratel

    • Detect BruteRatel badger

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks