blacknet | 6af3997fbc219d7107ed501e7c1bec7e2e5fde3a8e10b4de4525921dad70a13c

General

Target

6af3997fbc219d7107ed501e7c1bec7e2e5fde3a8e10b4de4525921dad70a13c
Size

107KB
MD5

34462cc235a225cfea64571cbe5f1f9a
SHA1

bf83863f8501f4d7fb60306cef10f878f99c3341
SHA256

6af3997fbc219d7107ed501e7c1bec7e2e5fde3a8e10b4de4525921dad70a13c
SHA512

6668072aaf81198f86a62fa6cf5756c98d5d100e0f17171bb56cc7f00c0e917386bcb92bdd6d6c68a406deb0d7c1a809064a2e517b3a4bf625652495fb9a3836
SSDEEP

1536:HliXbsSM4zkmKzyXb0J5E0yESrVdLQ5SYiiJO:HYXgSLkmsab0J5cbzQwYzJO

Score

10^/10

macroexploit blacknet

Malware Config

Extracted

Family

blacknet

Botnet

MAcroExploit

C2

qcRLY15MytEH8zzltUEUXqMWcrfsJpvwf9Q847/pEPjQw/wKO/3cbdqjE/N5HkfOnvMDzlfeLP49xZyrrYQc01IRmoUWcIuDFK+Uw41r3IbCQ4S68d9CG+JSQHBD1u/k+VYdqmpcn/Rdz6DJKRufFJeoOGnvi4I0y/dk3Q3oOZ0QjPa8Br3g34putZYLkW+7vlPCz9v0kqlE8wekEHL+y0+LYms4Ik8+dRp/9egEXzTy6NrW+JDx3yNvWUBcX8wXIK8PSzZMloJPQU6QDAQY1ZAJWOdpfuL8TSXH9AKWDlFNI311m2sFcvYtKEnt6uCaHvY/R79HlfoffaozQAlYaQ==

Mutex

BN[LCsHRzym-8457373]

Attributes

antivm
true
elevate_uac
false
install_name
WindowsUpdate.exe
splitter
|BN|
start_name
24d7d2c2d063440d72f07787304f20b9
startup
true
usb_spread
true

Signatures

BlackNET Payload 1 IoCs

Processes:

resource yara_rule

sample family_blacknet
Blacknet family
blacknet

resource	yara_rule
sample	family_blacknet

Files

6af3997fbc219d7107ed501e7c1bec7e2e5fde3a8e10b4de4525921dad70a13c
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 93KB - Virtual size: 92KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 93KB - Virtual size: 92KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 12B