General
-
Target
79db79870019b16dd6259baf23fbdb0badec4c7ab519d63f950d35e2f602a17d
-
Size
131KB
-
Sample
221129-h6sqhage94
-
MD5
9ec2385aa31573102fb1a53a283270e5
-
SHA1
038483847c3d93d90c01fa4c0bb3e920e3e8aeda
-
SHA256
79db79870019b16dd6259baf23fbdb0badec4c7ab519d63f950d35e2f602a17d
-
SHA512
4945d5aec4878eebe058d77287f226dd9264a1cc523fa8a531b8a1fc5bcf39a06d31fc37a37fe1c0e2403f13356ffdff30d8445ffaac8435e4e7c95fb3cdfd05
-
SSDEEP
3072:Jb5CSaLbs4RHjVb2+OwZGC6+0Mm6cK2y5y5DmeffwHMICZzGWSS+pAboutj:JsBPzjVbSwZGCk6cDy+DmqfmsSStboSj
Static task
static1
Behavioral task
behavioral1
Sample
79db79870019b16dd6259baf23fbdb0badec4c7ab519d63f950d35e2f602a17d.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
79db79870019b16dd6259baf23fbdb0badec4c7ab519d63f950d35e2f602a17d.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
79db79870019b16dd6259baf23fbdb0badec4c7ab519d63f950d35e2f602a17d
-
Size
131KB
-
MD5
9ec2385aa31573102fb1a53a283270e5
-
SHA1
038483847c3d93d90c01fa4c0bb3e920e3e8aeda
-
SHA256
79db79870019b16dd6259baf23fbdb0badec4c7ab519d63f950d35e2f602a17d
-
SHA512
4945d5aec4878eebe058d77287f226dd9264a1cc523fa8a531b8a1fc5bcf39a06d31fc37a37fe1c0e2403f13356ffdff30d8445ffaac8435e4e7c95fb3cdfd05
-
SSDEEP
3072:Jb5CSaLbs4RHjVb2+OwZGC6+0Mm6cK2y5y5DmeffwHMICZzGWSS+pAboutj:JsBPzjVbSwZGCk6cDy+DmqfmsSStboSj
Score10/10-
Detect Blackmoon payload
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-