badrabbit | a1c59d7113ceea1763c5cb50bd9ae1e8722b7ced475fd438dd5f30d3a78eb66a | Triage

Submit
Reports

Overview

overview

Static

static

1

2025-04-04...ya.exe

windows10-2004-x64

Sharing

General

Target

2025-04-04_998b11a97693c14be76951f9630c0021_bad-rabbit_eternalpetya
Size

431KB
Sample

250404-gma6nstly2
MD5

998b11a97693c14be76951f9630c0021
SHA1

a14fe179e690149f76ebc8072d2e530ae77e64b6
SHA256

a1c59d7113ceea1763c5cb50bd9ae1e8722b7ced475fd438dd5f30d3a78eb66a
SHA512

7970a23ea4ec81052798f60554e7372711c4429c7294154a060eabba08721b97c86296aed1e7fd04c53328a15137d415376693554dd263965f40742b6eed5f29
SSDEEP

12288:BHNTywFAvN86pLbqWRKHZKfErrZJyZ0yqsGO3XR6M:vT56NbqWRwZaEr3yt2O3XR6M

Score

10^/10

badrabbit mimikatz discovery ransomware

Static task

static1

Behavioral task

behavioral1

Sample

2025-04-04_998b11a97693c14be76951f9630c0021_bad-rabbit_eternalpetya.exe

Resource

win10v2004-20250314-en

badrabbit mimikatz discovery ransomware

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-04_998b11a97693c14be76951f9630c0021_bad-rabbit_eternalpetya
- Size
  
  431KB
- MD5
  
  998b11a97693c14be76951f9630c0021
- SHA1
  
  a14fe179e690149f76ebc8072d2e530ae77e64b6
- SHA256
  
  a1c59d7113ceea1763c5cb50bd9ae1e8722b7ced475fd438dd5f30d3a78eb66a
- SHA512
  
  7970a23ea4ec81052798f60554e7372711c4429c7294154a060eabba08721b97c86296aed1e7fd04c53328a15137d415376693554dd263965f40742b6eed5f29
- SSDEEP
  
  12288:BHNTywFAvN86pLbqWRKHZKfErrZJyZ0yqsGO3XR6M:vT56NbqWRwZaEr3yt2O3XR6M
Score

10^/10

badrabbit mimikatz discovery ransomware
- BadRabbit
  Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
  ransomware badrabbit
- Badrabbit family
  badrabbit
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- Mimikatz family
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

badrabbitmimikatzdiscoveryransomware

© 2018-2025

Terms | Privacy