Extracted

Extracted

• • Target

    b8990f204ca595e23562aa8063fd163651771626ba4acf45890f25315616fc1e

  • Size

    6.0MB

  • MD5

    b2de6e79656610e61aeb54529ca6f618

  • SHA1

    7320fba8d48c7d1c122f2a56e2bfd7554da3bb8a

  • SHA256

    b8990f204ca595e23562aa8063fd163651771626ba4acf45890f25315616fc1e

  • SHA512

    4b545c8a6351d2bf9ced772ba10d97d6f3a279e77353de77edd223c78331c24003e224f49f5b343e3a36be3079b982625b0fca078def73f3bfd4e585ad0e433d

  • SSDEEP

    98304:mH7CgqLPRPYv7cZuwYx72XPo0+XH6zVjAcJya7GLmlv9OHwqmFNlG4tg/uLqxBAX:C+gqLKB2pEcDyadvlDtyuC+IK0G

  Score

  10^/10

  babadedametasploitbackdoorcrypterdiscoveryloadertrojan

  • Babadeda

    Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

    loadercrypterbabadeda

  • Babadeda Crypter

  • Babadeda family

    babadeda

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Executes dropped EXE

  • Loads dropped DLL

  • Blocklisted process makes network request

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2