Analysis

  • max time kernel
    151s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    22-07-2021 08:07

General

  • Target

    a18b7cb1fe97912ffc3e38d76ccc0462.exe

  • Size

    88KB

  • MD5

    a18b7cb1fe97912ffc3e38d76ccc0462

  • SHA1

    c5908c111223d69f532973643381983ba385c1c1

  • SHA256

    2d5e2831e24496bd74a7a2317f824657905cdadaeb00f5c6e33e9b75c5231a2f

  • SHA512

    d92025f6eb3ab4a594113813284361694ce1b78cfd513d88f4ea842ea7d37c91976066b33089c4da048e39cc4c65654637d2a14138327df40f89d4bb0963be1c

Score
10/10

Malware Config

Signatures

  • BlackNET

    BlackNET is an open source remote access tool written in VB.NET.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a18b7cb1fe97912ffc3e38d76ccc0462.exe
    "C:\Users\Admin\AppData\Local\Temp\a18b7cb1fe97912ffc3e38d76ccc0462.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1608

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1608-60-0x0000000001180000-0x0000000001181000-memory.dmp
    Filesize

    4KB

  • memory/1608-62-0x000000001AE80000-0x000000001AE82000-memory.dmp
    Filesize

    8KB

  • memory/1608-63-0x000000001AE82000-0x000000001AE83000-memory.dmp
    Filesize

    4KB

  • memory/1608-65-0x000000001AE89000-0x000000001AEA8000-memory.dmp
    Filesize

    124KB

  • memory/1608-64-0x000000001AE84000-0x000000001AE85000-memory.dmp
    Filesize

    4KB