General

  • Target

    2016-59-0x0000000000400000-0x000000000041C000-memory.dmp

  • Size

    112KB

  • Sample

    230529-kt64gaah38

  • MD5

    bde05bfeecc5751b149f04b8b5d64e3d

  • SHA1

    264655891286b16f0a3932f72c7855f4475a9e6f

  • SHA256

    8fdfb8333a49a168b0c3d39f55f544346d20b908089d9db31b91c1b5e80ad573

  • SHA512

    c36a0375b13efb38846522a641f51fb59c225d2632151f87d90ef775a284101cde8375850a8fdbf3791c90b1c2e5f9233c4147734f3d161975383284be515ebe

  • SSDEEP

    1536:+RzYA3qNEFvynWuIiBQAh4QiObju5FBDIgMLtf:EzPynWuIiBQAeQiObjsFBDID

Score
10/10

Malware Config

Extracted

Family

blacknet

Version

v3.6.0 Public

Botnet

HacKed

C2

http://bankslip.info/dadsroots/

Mutex

BN[ZrDroiBx-5245469]

Attributes
  • antivm

    false

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    a5b002eacf54590ec8401ff6d3f920ee

  • startup

    false

  • usb_spread

    false

Targets

    • Target

      2016-59-0x0000000000400000-0x000000000041C000-memory.dmp

    Score
    1/10
