Analysis
-
max time kernel
188s -
max time network
202s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system -
submitted
07-05-2023 01:13
Behavioral task
behavioral1
Sample
3c023fdeff122f7e586cb8667632a076ee43b63a128f1fa1771a2774e0be23c9.exe
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
General
-
Target
3c023fdeff122f7e586cb8667632a076ee43b63a128f1fa1771a2774e0be23c9.exe
-
Size
752KB
-
MD5
1a3420431507f9aa7c0a2710a5c6a81d
-
SHA1
dc00377b132db6ef43e9588edf41dc7f721de8c5
-
SHA256
3c023fdeff122f7e586cb8667632a076ee43b63a128f1fa1771a2774e0be23c9
-
SHA512
971dcf732acaffc2c3a7dd0300f2215ff713b2fc8a80275a5693bbbae5ade18980e3254199c7fdbe9dcf9704b59be6c1dd6108d1193529d22b94f5e4a1ec6501
-
SSDEEP
12288:+dEJummMYGAXFdmCDbCXd6mkCRVFhvaPruqq:+dEJummMYJFdmIbCXdDkKVFhvIry
Malware Config
Signatures
-
Detect Blackmoon payload 2 IoCs
Processes:
resource yara_rule behavioral2/memory/4352-133-0x0000000000400000-0x00000000004CA000-memory.dmp family_blackmoon behavioral2/memory/4352-134-0x0000000000400000-0x00000000004CA000-memory.dmp family_blackmoon