Analysis
-
max time kernel
151s -
max time network
158s -
platform
windows7_x64 -
resource
win7 -
submitted
22-10-2020 16:21
General
-
Target
IMG-53858502 JPEG.exe
-
Size
83KB
-
MD5
523beb012baa594d050e5f6509d7552a
-
SHA1
e5ccd9d1bb1f199ed490ee423f8e5a7013000627
-
SHA256
f00cc32a15455bec6b4ebcd74e3e74c698a5308dbc21a342f10d5ec6a7dd83bb
-
SHA512
0fce5688c2962f9481e7c4f54a1c5760768aad976e8a42c701961caec9035c0dbed6018b8b79471fe835368f04cf19ed545f3330792c7a89ce1d4a984b45fc07
Score
10/10
Malware Config
Signatures
-
BlackNET
BlackNET is an open source remote access tool written in VB.NET.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\IMG-53858502 JPEG.exe"C:\Users\Admin\AppData\Local\Temp\IMG-53858502 JPEG.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1072-0-0x000007FEF5830000-0x000007FEF61CD000-memory.dmpFilesize
9.6MB
-
memory/1072-1-0x000007FEF5830000-0x000007FEF61CD000-memory.dmpFilesize
9.6MB