General

  • Target

    penis.exe

  • Size

    355KB

  • Sample

    250503-w8gmxaam3s

  • MD5

    89beffcb38d61393e459fd097f89561f

  • SHA1

    8fb5c0b9e2cb44ac35091463589e68e4034e881b

  • SHA256

    09abbc94ab2f700a35ff179f92c62b5d1557c018714312e208c8da57f56b9119

  • SHA512

    650ebfc9c542bfd343c2ce6a1dae9d903ff8795b6ddf6cebeb2ac28b4ce9e8072f94d5292628b03b981d2059a6e12388b69076d8b8006e5badd87be971db6f9d

  • SSDEEP

    6144:1L1ncfWwN0oc35jeRh8Xqfy/Ka1OHAH0tMrKCTEABG+Z9d3cQT/9nR4Ioy195:1LdcfxaeM6fy/KaVUtgKkTZ73coNRJ

Targets

    • Babylon RAT

      Babylon RAT is a remote access trojan written in C++.

    • Babylonrat family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
