General
-
Target
2016-59-0x0000000000400000-0x000000000041C000-memory.dmp
-
Size
112KB
-
Sample
230529-kt64gaah38
-
MD5
bde05bfeecc5751b149f04b8b5d64e3d
-
SHA1
264655891286b16f0a3932f72c7855f4475a9e6f
-
SHA256
8fdfb8333a49a168b0c3d39f55f544346d20b908089d9db31b91c1b5e80ad573
-
SHA512
c36a0375b13efb38846522a641f51fb59c225d2632151f87d90ef775a284101cde8375850a8fdbf3791c90b1c2e5f9233c4147734f3d161975383284be515ebe
-
SSDEEP
1536:+RzYA3qNEFvynWuIiBQAh4QiObju5FBDIgMLtf:EzPynWuIiBQAeQiObjsFBDID
Behavioral task
behavioral1
Sample
2016-59-0x0000000000400000-0x000000000041C000-memory.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2016-59-0x0000000000400000-0x000000000041C000-memory.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
blacknet
v3.6.0 Public
HacKed
http://bankslip.info/dadsroots/
BN[ZrDroiBx-5245469]
-
antivm
false
-
elevate_uac
false
-
install_name
WindowsUpdate.exe
-
splitter
|BN|
-
start_name
a5b002eacf54590ec8401ff6d3f920ee
-
startup
false
-
usb_spread
false
Targets
-
-
Target
2016-59-0x0000000000400000-0x000000000041C000-memory.dmp
-
Size
112KB
-
MD5
bde05bfeecc5751b149f04b8b5d64e3d
-
SHA1
264655891286b16f0a3932f72c7855f4475a9e6f
-
SHA256
8fdfb8333a49a168b0c3d39f55f544346d20b908089d9db31b91c1b5e80ad573
-
SHA512
c36a0375b13efb38846522a641f51fb59c225d2632151f87d90ef775a284101cde8375850a8fdbf3791c90b1c2e5f9233c4147734f3d161975383284be515ebe
-
SSDEEP
1536:+RzYA3qNEFvynWuIiBQAh4QiObju5FBDIgMLtf:EzPynWuIiBQAeQiObjsFBDID
Score1/10 -