Overview

overview

10

Static

static

10

IMG-53858502 JPEG.exe

windows7_x64

10

IMG-53858502 JPEG.exe

windows10_x64

10

Analysis

  • max time kernel
    151s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    22-10-2020 16:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IMG-53858502 JPEG.exe

  • Size

    83KB

  • MD5

    523beb012baa594d050e5f6509d7552a

  • SHA1

    e5ccd9d1bb1f199ed490ee423f8e5a7013000627

  • SHA256

    f00cc32a15455bec6b4ebcd74e3e74c698a5308dbc21a342f10d5ec6a7dd83bb

  • SHA512

    0fce5688c2962f9481e7c4f54a1c5760768aad976e8a42c701961caec9035c0dbed6018b8b79471fe835368f04cf19ed545f3330792c7a89ce1d4a984b45fc07

Score
10/10
blacknettrojan

Malware Config

Signatures

  • BlackNET

    BlackNET is an open source remote access tool written in VB.NET.

    trojanblacknet
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\IMG-53858502 JPEG.exe
    "C:\Users\Admin\AppData\Local\Temp\IMG-53858502 JPEG.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1072-0-0x000007FEF5830000-0x000007FEF61CD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1072-1-0x000007FEF5830000-0x000007FEF61CD000-memory.dmp

    Filesize

    9.6MB

    Download