Behavioral task
behavioral1
Sample
9256e208fd02f0fc05a257e4ec61931fbefc30aafb530fceb150272131c1221a.exe
Resource
win7-20220414-en
General
-
Target
9256e208fd02f0fc05a257e4ec61931fbefc30aafb530fceb150272131c1221a
-
Size
69KB
-
MD5
82008b605cb87eddd484c18ee9c35f03
-
SHA1
b6688552db53bdcfb6f6eec48d9fb7a953ef2a18
-
SHA256
9256e208fd02f0fc05a257e4ec61931fbefc30aafb530fceb150272131c1221a
-
SHA512
6c749b4d9f005e2b13b5440a0a78bd3a6be2e0381b2231028a815c442a5f9a574bbe50acbb302e70df3d545dad6ca1a61799b3993f3c4fdf8b345af5818a5e06
-
SSDEEP
768:Of6NqPjq1442k9yOFHeQXIZhgXMrpRnvCNwfbi4vCY/LW4c6pM34G2E3:O86goOF9XIZhbvCGbi4vCD4hM34W3
Malware Config
Extracted
blacknet
sana
http://davidescu.000webhostapp.com/BlackNET%20Pane
BN[UKBPZIIu-0579585]
-
antivm
false
-
elevate_uac
false
-
install_name
svchost.exe
-
splitter
|BN|
-
start_name
17d5d9a29524a220af2c5580f0145c42
-
startup
false
-
usb_spread
false
Signatures
-
BlackNET Payload 1 IoCs
Processes:
resource yara_rule sample family_blacknet -
Blacknet family
Files
-
9256e208fd02f0fc05a257e4ec61931fbefc30aafb530fceb150272131c1221a.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ