babylonrat | d4672bb77e373845f4c9367ddcaea83c04e3bbf610e1cacd78a5f2fe1cef7122 | Triage

Submit
Reports

Overview

overview

Static

static

Svchost.exe

windows10-2004-x64

Sharing

General

Target

Svchost.exe
Size

355KB
Sample

241107-zetxxsxpbz
MD5

56a6dad3b5c2d51c3a8cd8604f51c31e
SHA1

8b3bf3042278cc124a81d313245c307dd7171c78
SHA256

d4672bb77e373845f4c9367ddcaea83c04e3bbf610e1cacd78a5f2fe1cef7122
SHA512

3257f6558375cd81c1dfc26bccf99dd22646b4ad4619c43e404a10f9a7500dba36f65ab2d40690c8ec298bb2468f8657abaaa6e9bb350db65fa6b0c5709b0a6f
SSDEEP

6144:nL1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19O6rV:nLdcfxaeM6fy/KaVUtgKkTZ73coNRJO6

Score

10^/10

babylonrat discovery persistence trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Svchost.exe

Resource

win10v2004-20241007-en

babylonrat discovery persistence trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Svchost.exe
- Size
  
  355KB
- MD5
  
  56a6dad3b5c2d51c3a8cd8604f51c31e
- SHA1
  
  8b3bf3042278cc124a81d313245c307dd7171c78
- SHA256
  
  d4672bb77e373845f4c9367ddcaea83c04e3bbf610e1cacd78a5f2fe1cef7122
- SHA512
  
  3257f6558375cd81c1dfc26bccf99dd22646b4ad4619c43e404a10f9a7500dba36f65ab2d40690c8ec298bb2468f8657abaaa6e9bb350db65fa6b0c5709b0a6f
- SSDEEP
  
  6144:nL1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy19O6rV:nLdcfxaeM6fy/KaVUtgKkTZ73coNRJO6
Score

10^/10

babylonrat discovery persistence trojan upx
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- Babylonrat family
  babylonrat
- Executes dropped EXE
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babylonratdiscoverypersistencetrojanupx

© 2018-2024

Terms | Privacy