Resubmissions

15/03/2025, 09:03

250315-kz39rsy1fx 10

15/03/2025, 09:02

250315-kzr7hay1e1 10

General

  • Target

    zzzz.exe

  • Size

    439KB

  • Sample

    250315-kzr7hay1e1

  • MD5

    91dfc3dc22ce12c3cb94b2afb29735f9

  • SHA1

    4478a7cca636b5163e24328478f6c654ffc02184

  • SHA256

    66e6eb7cf7be2d2f07adec4d17c143c6a58d56cda382da6ff918ebecc8ee807a

  • SHA512

    6799e99a258f3c65ef511e5faf7f5b843a30f6ae0a8e6112505cf9fc09c12732f8147e8498922d8451af1c5f5a899e55da8ad68a6c6f0555e358d9b9ed9321a9

  • SSDEEP

    12288:VLdcfxaeM6fy/KaVUtgKkTZ73coNRJHwSuBzB0:dkIZGSAtgN+eJHwSuBzB0

Malware Config

Targets

    • Target

      zzzz.exe

    • Babylon RAT

      Babylon RAT is a remote access trojan written in C++.

    • Babylonrat family

    • Executes dropped EXE

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks