General
-
Target
d3da6b93e7598fb522fe8858e15e445ba1ca13d05aacd22156d8ad3d745dd2d8
-
Size
398KB
-
Sample
230509-h6v6magf5w
-
MD5
8ff87a847f8ab762522075d18d67aecb
-
SHA1
0bf00a44ff52486e270aa5776aa1b91ccf7855c5
-
SHA256
d3da6b93e7598fb522fe8858e15e445ba1ca13d05aacd22156d8ad3d745dd2d8
-
SHA512
edc93c8975905cc77723c4f73bd607a9e6632baa05e4b362235f608873f2aa89d9762fc127808e4bad3c7053b9676c108dd4c8e7a731a122fc058bdafea1520d
-
SSDEEP
6144:eNAfdtIIp3THTZRqokUu7g8tfxFADRc+Sn5whgDL9jKxb6jBGbXO42W6jGC4ZKYU:zdtIIlqozl8t8llbh4j9GcPjtxuva
Behavioral task
behavioral1
Sample
d3da6b93e7598fb522fe8858e15e445ba1ca13d05aacd22156d8ad3d745dd2d8.exe
Resource
win7-20230220-en
Malware Config
Targets
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-