badrabbit | 9ec661c978943b08c46f922ccf58f9874c488e37d7552ede533f8e00cb53645d | Triage

Submit
Reports

Overview

overview

Static

static

1

Ransomware...it.exe

windows10-2004-x64

Sharing

General

Target

250326-xpevms1tfz_pw_infected.zip
Size

394KB
Sample

250402-j9e49awqy9
MD5

0971f5a5ef71ed847d45be71bc717a02
SHA1

abce3abe07cf8729cb1c092c9a69367553a1a41c
SHA256

9ec661c978943b08c46f922ccf58f9874c488e37d7552ede533f8e00cb53645d
SHA512

6f5add40cb25857a773141896b2385785e4ec48b181d878d78b5efe94e6e7ee58fa503550ce8cf3a837a4c90d884763d3c190757d7faf9127a2bce2b6484cc0f
SSDEEP

6144:PqDfUI+4aaEk2y8+zN89Eysah7xpjx+ors5IxGuS8wI/0sk:/b4aaEk2yhyJ7jlx+oI5IxGuSW0sk

Score

10^/10

badrabbit mimikatz discovery ransomware

Static task

static1

Behavioral task

behavioral1

Sample

Ransomware.BadRabbit.exe

Resource

win10v2004-20250314-en

badrabbit mimikatz discovery ransomware

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Ransomware.BadRabbit.exe
- Size
  
  431KB
- MD5
  
  fbbdc39af1139aebba4da004475e8839
- SHA1
  
  de5c8d858e6e41da715dca1c019df0bfb92d32c0
- SHA256
  
  630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da
- SHA512
  
  74eca8c01de215b33d5ceea1fda3f3bef96b513f58a750dba04b0de36f7ef4f7846a6431d52879ca0d8641bfd504d4721a9a96fa2e18c6888fd67fa77686af87
- SSDEEP
  
  12288:BHNTywFAvN86pLbqWRKHZKfErrZJyZ0yqsGO3XR63:vT56NbqWRwZaEr3yt2O3XR63
Score

10^/10

badrabbit mimikatz discovery ransomware
- BadRabbit
  Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
  ransomware badrabbit
- Badrabbit family
  badrabbit
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- Mimikatz family
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

badrabbitmimikatzdiscoveryransomware

© 2018-2025

Terms | Privacy