General
-
Target
6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff
-
Size
421KB
-
Sample
230316-mdn9tsad45
-
MD5
6ad7891db85a7aaed99fb139e9bb862d
-
SHA1
a75afe48d74d8e6288415823ee1900347e8bfbeb
-
SHA256
6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff
-
SHA512
213578deef3808a9e9a58d21aa63189a586829b51da41dcc68625c2dc6861ec7f647d7bd9d8e2f589be18c3cd9e44b9802126ba3af814b9cd57751ca51c7d39f
-
SSDEEP
6144:uIqVIVeUNiZk4zXX3thxTJ0yy4rlwWvKFwPzcdN72/tUTSiZ29Go/wncTN:9qVIkUNiZfHH9O/wz42FE292nm
Static task
static1
Behavioral task
behavioral1
Sample
6618187617678646e77d4e9859138a73ec33623b4728ba7a5de408c51e4315ff.exe
Resource
win7-20230220-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-