Overview

overview

10

Static

static

1

a1b4db93eb...27.dll

windows7-x64

10

a1b4db93eb...27.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    104s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/03/2025, 07:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a1b4db93eb72a520878ad338d66313fbaeab3634000fb7c69b1c34c9f3e17727.dll

  • Size

    2.5MB

  • MD5

    1e804d6e0206af158acc9758f9fff87d

  • SHA1

    596dd881f26f05a41baa862a54d12c3b31adb0e6

  • SHA256

    a1b4db93eb72a520878ad338d66313fbaeab3634000fb7c69b1c34c9f3e17727

  • SHA512

    e9d0dca12ef47f72bf1e865bb3272f73c309dabe329ee411e87a22c3e3014fbc27fca53c31caf8cdbc52ea7b545e5374bc7d249befca4159ad604403a3291d46

  • SSDEEP

    49152:FZzQqIEjvDQPOnRemSBn/VSlsBzXHWjIydNb:FYB5ydNb

Score
10/10
bruteratelbackdoor

Malware Config

Signatures

  • Brute Ratel C4

    A customized command and control framework for red teaming and adversary simulation.

    backdoorbruteratel
  • Bruteratel family
    bruteratel
  • Detect BruteRatel badger 4 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a1b4db93eb72a520878ad338d66313fbaeab3634000fb7c69b1c34c9f3e17727.dll,#1
    1⤵
      PID:2308

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2308-4-0x000000033A710000-0x000000033A75A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/2308-0-0x0000000180000000-0x0000000181D00000-memory.dmp

      Filesize

      29.0MB

      Download

    • memory/2308-5-0x000001860A290000-0x000001860BF8C000-memory.dmp

      Filesize

      29.0MB

      Download

    • memory/2308-8-0x000001860BF90000-0x000001860BFDC000-memory.dmp

      Filesize

      304KB

      Download

    • memory/2308-17-0x0000018608A80000-0x0000018608ABE000-memory.dmp

      Filesize

      248KB

      Download

    • memory/2308-7-0x000000033A710000-0x000000033A75A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/2308-18-0x000000033A710000-0x000000033A75A000-memory.dmp

      Filesize

      296KB

      Download