General
-
Target
6e3f20f269212279a3fb258d1a1e29d654f5c8225bbfe093dc62ba00aad7dd3a
-
Size
13.4MB
-
Sample
240701-g6556a1frq
-
MD5
7b4e56ccb09e914c19f686cec6653973
-
SHA1
2efca5d585f559fa4aae31a98e2ac0909c524a02
-
SHA256
6e3f20f269212279a3fb258d1a1e29d654f5c8225bbfe093dc62ba00aad7dd3a
-
SHA512
8c85f818cd64053a430ee664011e8ae226b11a9f3c9384a3af820a451feedd07ace0ad509d6c3fd90bae8cea56bf392b0b369577536f4b7088f7f945d18c22a4
-
SSDEEP
393216:lC9P3+A504fHfckZrM+p9I0JAqacLqY+jTaxmTAE5:szidkZLJB2D3T
Behavioral task
behavioral1
Sample
6e3f20f269212279a3fb258d1a1e29d654f5c8225bbfe093dc62ba00aad7dd3a.exe
Resource
win7-20240220-en
Malware Config
Targets
-
Detect Blackmoon payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-