General
Target: 摩纳哥.7z
Size: 19.9MB
Sample: 230226-1x5b2saf28
MD5: 8d798197150cf22c2d63ff1181ca0535
SHA1: 49bd04d964cfae91cc4021323dae9d51e8c33964
SHA256: 00afff69b8f52c22df1875d98d75730cde0ea314c6e5b120636ed47deb12d014
SHA512: f84049e0266662e8aeac3a0d829e0461f9465d0450d2f5a0e111477a78aa05706d51457bb4f4d37591aac07e8e6145a05d6346210391ab4e01e211dea0904e33
SSDEEP: 393216:O/Yz0z3hU/4T4e47EdNCVKko+kA27u2f2hLyBiFHNzF7V:Lz63hUWtjd4VCAHOENzFJ
Behavioral task: behavioral1
Sample: 摩纳哥.7z
Resource: win10-20230220-en

Behavioral task: behavioral2
Sample: 摩纳哥.7z
Resource: win7-20230220-en

Behavioral task: behavioral3
Sample: 摩纳哥.7z
Resource: win10v2004-20230220-en
Malware Config

Targets
Target: 摩纳哥.7z (size and hashes as listed under General above)
Signatures:
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext