General
-
Target
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642
-
Size
514KB
-
Sample
230602-yy9xtaeg3w
-
MD5
b13392a05917316585959b7d166a3732
-
SHA1
0f969fd094615d20e51f11aa1a65e4301d365948
-
SHA256
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642
-
SHA512
2895df0ad78785dc8a51da8b1c87e6299b2eff1a0c26a982fcb0fe8f556b536305361ab3a7c1944665a19345145a9276f25c4bc7e0e826a2633b52b435da1ad8
-
SSDEEP
12288:kv5JI23GIqqfOec2Y00I0mBW8En+eVp9TgLNAi:kw2Xqqmec2YIDq+eVneAi
Static task
static1
Behavioral task
behavioral1
Sample
ee5f43c81127af7c55cf94599ae17777fbc7a7bb7d059b830349e2b9c275f642.exe
Resource
win7-20230220-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-