babadeda

General

Target

JaffaCakes118_b287ca1d7e7fe40167452d4cae5a8bfbfaac8231adc71b33837a7abcdaf3b59d
Size

115.9MB
Sample

241229-165zyaylgn
MD5

015c2799b7f636fa36cc00b33980dc58
SHA1

2e90aa5929d7f723867338025541083e3e6be11e
SHA256

b287ca1d7e7fe40167452d4cae5a8bfbfaac8231adc71b33837a7abcdaf3b59d
SHA512

c1cfc048948eb5136998a25fcf2ab1be012b1a13e4ede2e518008912ed114cc193fbfa55e16d35499a2c55244f9340fd6d2ba3492362c24f7a9d22691cdb78a8
SSDEEP

3145728:mUgl9PgE+/MdIl7X0DXpnOuqqH/2/ufkyz1xF1:mU49P+/MqYpnOu3171

Score

10^/10

Malware Config

Targets

- Target
  
  ccd56bca846828d16b951b099f55ae7c.exe.vir
- Size
  
  117.7MB
- MD5
  
  ccd56bca846828d16b951b099f55ae7c
- SHA1
  
  37641c823fc68d6e22542107a58c28247763c12a
- SHA256
  
  4c88894f3db3123130bf766ea024aa8baba4e9e1bd36d6509f61477e9e9bd345
- SHA512
  
  25395603082a94fc29c8272ee1e6abb1a602b3a81080aa2012b65623b0b46e174bc984dd3484b80d56ae770943ee41c76762c060ca93234eefd9fa24f01f843c
- SSDEEP
  
  3145728:EH8jaBP74BkZ6j35PbqZAk8aHs6M9bEK+AuoFz:EHCaB4BkY0ZAk8Tusz
Score

10^/10

babadeda crypter discovery evasion loader trojan
- Babadeda
  Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
  loader crypter babadeda
- Babadeda Crypter
- Babadeda family
  babadeda
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

3

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Babadeda Crypter

Babadeda family

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2