Overview

overview

10

Static

static

6F02CA9FDC...9B.exe

windows7-x64

10

6F02CA9FDC...9B.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6F02CA9FDC2CD216C60C1013DC5BFBCA6384ED866E39B.exe

  • Size

    438KB

  • Sample

    220814-grnmkaafdn

  • MD5

    0c551697d82616d3b1a485eddf0af56f

  • SHA1

    40023cac06e70e14c13fbc7b710e87fce5406c61

  • SHA256

    6f02ca9fdc2cd216c60c1013dc5bfbca6384ed866e39b033a3c2bf68cdc0b79e

  • SHA512

    63a260836f4de87333232c899c8d5351a9db1e338caffbf2f5f577f96bbadac992bc041a623f7b3c1cbfea5af5228060b95725f758b1abf6428e75c17684a9a8

Score
10/10
blacknettrojan

Malware Config

Targets

    • Target

      6F02CA9FDC2CD216C60C1013DC5BFBCA6384ED866E39B.exe

    • Size

      438KB

    • MD5

      0c551697d82616d3b1a485eddf0af56f

    • SHA1

      40023cac06e70e14c13fbc7b710e87fce5406c61

    • SHA256

      6f02ca9fdc2cd216c60c1013dc5bfbca6384ed866e39b033a3c2bf68cdc0b79e

    • SHA512

      63a260836f4de87333232c899c8d5351a9db1e338caffbf2f5f577f96bbadac992bc041a623f7b3c1cbfea5af5228060b95725f758b1abf6428e75c17684a9a8

    Score
    10/10
    blacknettrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks