General

  • Target

    invoice.exe

  • Size

    80KB

  • MD5

    d826c6d5d9deef005d705b99cac11016

  • SHA1

    f23633dacb9b6be069c2b43f7b931a720f0c5027

  • SHA256

    a3a387c3b28b1ee8c27dcdc18aac61ef7517cfdd44379a4a77846282fff5c341

  • SHA512

    121bdd22bfaf19efbc1be67417e542177748ea51506051e428f9fd8fbec1ee79718881aae1b0197b259c994cf640d4bb818f4b2e02beecbfb81aee6ec7bad67b

Score

10/10

Malware Config

Extracted

Family

blacknet

Botnet

company

C2

http://redbulllogistics.online/blackie

Mutex

BN[GRLdNjTe-8793677]

Attributes

  • antivm

    false

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    false

Signatures

  • BlackNET Payload 1 IoCs
  • Blacknet family
  • Contains code to disable Windows Defender 1 IoCs

    A .NET executable tasked with disabling Windows Defender capabilities such as real-time monitoring, block-at-first-seen, etc.

Files

  • invoice.exe
    .exe windows x86