babylonrat | 56ec111253aff737c572ef8167dd457283a1402018e72a56226de5c57b554faf | Triage

Sharing

General

Target

2025-04-18_b70896903a7d2e813542e8fcf1f4f477_black-basta_cobalt-strike_satacom
Size

1.1MB
Sample

250418-mx7khstkw5
MD5

b70896903a7d2e813542e8fcf1f4f477
SHA1

ac7fd3642da9ace983234d60a5ea2b6cf6c3fb58
SHA256

56ec111253aff737c572ef8167dd457283a1402018e72a56226de5c57b554faf
SHA512

1fd80f335774ad7734acfa54525f663598e0de8cad687b82ba3e970a2fd9e6ba6fdaf6c8f27d667bf04468e62c7b6de0ad9aeb2c2ecd45ab4984cd54384543b7
SSDEEP

24576:VHHiWcxaiMk5sbviePA+Q8jNy2gMZ4STyPwncCsYeeNrbT:VHHiXaI5UHQX2rZ43P2RsYl

Score

10^/10

babylonrat discovery execution trojan

Malware Config

Targets

- Target
  
  2025-04-18_b70896903a7d2e813542e8fcf1f4f477_black-basta_cobalt-strike_satacom
- Size
  
  1.1MB
- MD5
  
  b70896903a7d2e813542e8fcf1f4f477
- SHA1
  
  ac7fd3642da9ace983234d60a5ea2b6cf6c3fb58
- SHA256
  
  56ec111253aff737c572ef8167dd457283a1402018e72a56226de5c57b554faf
- SHA512
  
  1fd80f335774ad7734acfa54525f663598e0de8cad687b82ba3e970a2fd9e6ba6fdaf6c8f27d667bf04468e62c7b6de0ad9aeb2c2ecd45ab4984cd54384543b7
- SSDEEP
  
  24576:VHHiWcxaiMk5sbviePA+Q8jNy2gMZ4STyPwncCsYeeNrbT:VHHiXaI5UHQX2rZ43P2RsYl
Score

10^/10

babylonrat discovery execution trojan
- Babylon RAT
  Babylon RAT is remote access trojan written in C++.
  trojan babylonrat
- Babylonrat family
  babylonrat
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

babylonratdiscoveryexecutiontrojan

behavioral2

babylonratdiscoveryexecutiontrojan