General
-
Target
0x000a0000000122f5-57.dat
-
Size
1.1MB
-
Sample
221112-ptasgsad3z
-
MD5
589cac94238870c8fdabc6262e5b3026
-
SHA1
d0c2fe2913f9a333b1402e42022f80b7d539b933
-
SHA256
40b022c5ff2ecf2cfa11be4738839dbacafcfff233691256def7a1f2bdcd9060
-
SHA512
d707e1b36599bd491d5ab29825969b3bfeb2fc1fc1f6fa906a0ad344eeddcef77565c55ad80bbe9a242139c217c0e08b3418ca79d1023bd494bc909e87ca0c57
-
SSDEEP
12288:gaJXLYjkwL4kIrgkRrVxkUcGkzkMMCwYoTtdYb9UtVyq/wEBHoCO9w9BJzWd8XUQ:gaJbMbL4wsxuGI08GZN8EOxJo
Behavioral task
behavioral1
Sample
0x000a0000000122f5-57.exe
Resource
win7-20220901-en
Malware Config
Extracted
blacknet
v3.5.1 Public
HacKed
http://noctorships.ga/BlackNET/Panel/
BN[BNcJaNRq-7658837]
-
antivm
true
-
elevate_uac
false
-
install_name
WindowsUpdate.exe
-
splitter
|BN|
-
start_name
a4f5fc179540a0b155d91b489e6811e2
-
startup
false
-
usb_spread
false
Targets
-
Target
0x000a0000000122f5-57.dat
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-