General

  • Target

    17baa02aad7926a257f2c5d817525120ed26bd1bd95de922b31172de019f7a50

  • Size

    147KB

  • Sample

    220502-seqf6saack

  • MD5

    dffd4f7b47b80c2e8dce69db3bf30d4a

  • SHA1

    6a1c2f1b56cdf05eaaaf55a880dee8ea66dbacc8

  • SHA256

    17baa02aad7926a257f2c5d817525120ed26bd1bd95de922b31172de019f7a50

  • SHA512

    f7c557554cbd4c43520c8969c17bd285e37422826462cb379c65ccdb3c6b25329edbba2102594732370df7274f9ca314404ef7d33e2c3a84405ebfc49d04122c

Targets

    • Target

      17baa02aad7926a257f2c5d817525120ed26bd1bd95de922b31172de019f7a50

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

    • suricata: ET MALWARE Win32/BlackNET CnC Keep-Alive

    • suricata: ET MALWARE Win32/BlackNET CnC Requesting Command

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops desktop.ini file(s)