General
Target
2848c3239c8e587b65bef9db5940824bc5126a4928cabf885049581283d6f260
Size
356KB
Sample
221128-yla8qacd72
MD5
ee7a29a3f6ee847cebd8c2bc6d6270c0
SHA1
529069f28001bd2d59afb52a3d68224fc7b6c070
SHA256
2848c3239c8e587b65bef9db5940824bc5126a4928cabf885049581283d6f260
SHA512
98307fc036a86b05028bce4d98b9be0359414ec09d3b1d170b1457bf4043e83f87bcaeea4849aadc880dd6ecd102ab8432725da4ce803ff7fe5b2600ad5f31a9
SSDEEP
6144:nAZ26bMC4ZnX0NCqyITT+T6lPg5jC5SEmb++7Uym0kmsXMiLOFo02RF3o:nAZxbMCgX0GITXlUgSbgj0jikr23Y
Behavioral task
behavioral1
Sample
2848c3239c8e587b65bef9db5940824bc5126a4928cabf885049581283d6f260.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2848c3239c8e587b65bef9db5940824bc5126a4928cabf885049581283d6f260.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
2848c3239c8e587b65bef9db5940824bc5126a4928cabf885049581283d6f260
Score 10/10
Detect Blackmoon payload
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger