General
-
Target
f945a4b1d9e1fa1855df897d553ad4d06395efe1056527163bd143288b387a50
-
Size
568KB
-
Sample
230523-ykk2jahb34
-
MD5
c95161978d4a0f56b7b55928ec592a00
-
SHA1
be6fc55fe38bf73e58e80e3eb4deee512855102f
-
SHA256
f945a4b1d9e1fa1855df897d553ad4d06395efe1056527163bd143288b387a50
-
SHA512
b27005a7fb298a7ea2aec5d63f9e2ea875538d0d06a618709733ef8ec49cec5d9fb188855ecef2a65fab7ccec1fe579716eff7258d781f608accb55a9a5ece46
-
SSDEEP
6144:A0X9bJhUjAWhDLovrEpWOd2yEag8sM4D6DGRZXrAk3Hoy3rnR/859E:VbrUU04vrjOd25eymAZDj3WE
Static task
static1
Behavioral task
behavioral1
Sample
f945a4b1d9e1fa1855df897d553ad4d06395efe1056527163bd143288b387a50.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
f945a4b1d9e1fa1855df897d553ad4d06395efe1056527163bd143288b387a50
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-