General
Target: 8f2fdc0a52748edb7be9bb430a6ae62fb9c65db79fa00a2078a2218b4b062cb8
Size: 141KB
Sample: 221129-f9vcdsdf4v
MD5: b87df20eda8aea1594ce221ee1fc550a
SHA1: a5e985819ed2be3433b7caa8901e2b6bcb237fc9
SHA256: 8f2fdc0a52748edb7be9bb430a6ae62fb9c65db79fa00a2078a2218b4b062cb8
SHA512: 77a1c83ad951bde5561ae6377f91ce2643962a51f98005b56fa6874ae8e0c35256d715e784703ff2d2cb273cf19d500316661d59ddc37a6712843781c504cef5
SSDEEP: 3072:iS13dexXhf2hek4txILwTFnvt2c3Ek4oAJ/gDH9gzuaEgTsDz:iS1twl2he9RIc0kBzuu+s
Static task: static1
Behavioral task: behavioral1
Sample: 8f2fdc0a52748edb7be9bb430a6ae62fb9c65db79fa00a2078a2218b4b062cb8.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 8f2fdc0a52748edb7be9bb430a6ae62fb9c65db79fa00a2078a2218b4b062cb8.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 8f2fdc0a52748edb7be9bb430a6ae62fb9c65db79fa00a2078a2218b4b062cb8
Score: 10/10
Detect Blackmoon payload
Drops file in Drivers directory
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application