General

  • Target

    78176-246-0x0000000000400000-0x0000000000426000-memory.dmp

  • Size

    152KB

  • MD5

    6d24ddf3a6a13cec2c0e22a387b9b630

  • SHA1

    75c34c0df1ffe36d0817bafcef63606dfed611da

  • SHA256

    49a7625b47f8c1b7c1284a4fc30c156b1a51104e77f9d51e8c9268c16bb4205b

  • SHA512

    ede73d1af24d32adcb2e364cf8c6de443dda99d63bac3029872f89fc5584d96dc2f40332b58a81af93e0113c9541054599f188d1464a64f51d5f6cdcd637a2f3

  • SSDEEP

    1536:d7B4jAi0u7JqvLeGqriS200dDjp4UHLb2zuGJKi9WXU+pOk+G8wb/APcz+tBTuxo:jgWS2fjpHrb2zRJWO1wbClTao

Score
10/10

Malware Config

Extracted

Family

blacknet

Attributes
  • antivm

    false

  • elevate_uac

    false

  • install_name

  • splitter

  • start_name

  • startup

    false

  • usb_spread

    false

Signatures

  • BlackNET payload (1 IoC)
  • Blacknet family
  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

Files

  • 78176-246-0x0000000000400000-0x0000000000426000-memory.dmp
    .exe windows x86

