General
-
Target
bfb8286490735f777b64ccdf4fa211e53b2ceb7a8d6cd1929760c211c58b972f
-
Size
355KB
-
Sample
230223-cr6qxsgc9x
-
MD5
8ede2c513718db9aff6af9e587b24410
-
SHA1
e32bcf8d62241a66ba3f748af0b505547b16de8c
-
SHA256
bfb8286490735f777b64ccdf4fa211e53b2ceb7a8d6cd1929760c211c58b972f
-
SHA512
d2bdf4ffe8ca3905f08da6a88d0289c9a3699ccb78a6aa03b294aac413fe340ee773946896e27a333867636d4974828ef62455b41fcbdd926ee0459304a04961
-
SSDEEP
6144:mhb8VSeoQZP0MPkUonj5tQHTFdkelDnUEA6Fyz1+KqW40D1Kp4StY6Vw7uX:2IweoQR0MPktjsHUZeWD0Z7VQ
Behavioral task
behavioral1
Sample
bfb8286490735f777b64ccdf4fa211e53b2ceb7a8d6cd1929760c211c58b972f.exe
Resource
win7-20230220-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-