BabbleLoader
Nov. 19, 2024, 10:05 a.m.
Description
BabbleLoader is a highly evasive malware loader designed to bypass antivirus products and sandbox environments in order to deliver stealers into memory. It employs techniques such as junk code insertion, metamorphic transformations, dynamic API resolution, and anti-sandboxing measures: it alters its own structure to evade detection, resolves the functions it needs only at runtime, and embeds encrypted malicious code in memory. It targets both English- and Russian-speaking individuals through a variety of lure themes, including cracked software and business-related applications. The loader's complexity poses significant challenges for both traditional and AI-based detection systems, making it a versatile tool for cybercriminals.
Date
- Created: Nov. 19, 2024, 9:46 a.m.
- Published: Nov. 19, 2024, 9:46 a.m.
- Modified: Nov. 19, 2024, 10:05 a.m.
Indicators