General

  • Target

    852-59-0x0000000000090000-0x00000000000AC000-memory.dmp

  • Size

    112KB

  • Sample

    230529-hmf8csab54

  • MD5

    1b2774d028f9e022a63193ccb394dd24

  • SHA1

    93ba14063c5d38c3e84e91e962090b563d8c4cf1

  • SHA256

    5e770e6b4b4ac525c5f1048d328b869aa6d8cb1482794e7d19f0e00d70f11b78

  • SHA512

    d7a4959754ad80c8ae73a483e6f8e0bf4862aefd793ae0c211394d366baa1ce81de65753b573d148befbd40e5066c8d4d1c5582c3805d6426090de521830e68a

  • SSDEEP

    1536:yRBSGC8LATGdk2iBQAh4QiObju5FB8IIMLtf:wBa5Gdk2iBQAeQiObjsFB8Ib

Score
10/10

Malware Config

Extracted

Family

blacknet

Version

v3.6.0 Public

Botnet

HacKed

C2

http://bankslip.info/nash/

Mutex

BN[HSMeOkUf-8793677]

Attributes
  • antivm

    false

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    a5b002eacf54590ec8401ff6d3f920ee

  • startup

    false

  • usb_spread

    false

Targets

    • Target

      852-59-0x0000000000090000-0x00000000000AC000-memory.dmp

    • Size

      112KB

    Score
    1/10
