General
-
Target
b043aa814ea783fddcd22e22279e1c296ae15a327ff9cd1bd8372face420964f
-
Size
4.4MB
-
Sample
240701-j9z5esvbnp
-
MD5
37cbbee581f03898ac8e5961afdf4c7a
-
SHA1
20ccdd9bd0cf00706585fbe6b735cfb154de09c0
-
SHA256
b043aa814ea783fddcd22e22279e1c296ae15a327ff9cd1bd8372face420964f
-
SHA512
63112a36f69149478b0ea6eb873421f80ae7fe10771da996edb144f067d2f55ce22ab6338c81f86509a16ff6dd1e91f9455b21db19356f494ba2b4fe971b2b64
-
SSDEEP
98304:wj8wbOARL1Pi60lC6nOOydL3r+4TFAUl+Gpp:obOANP0s6n4H9DJpp
Static task
static1
Behavioral task
behavioral1
Sample
b043aa814ea783fddcd22e22279e1c296ae15a327ff9cd1bd8372face420964f.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
b043aa814ea783fddcd22e22279e1c296ae15a327ff9cd1bd8372face420964f
-
Score
10/10
-
Detect Blackmoon payload
-
Adds policy Run key to start application
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-