General

  • Target

    1252-59-0x0000000000400000-0x000000000041C000-memory.dmp

  • Size

    112KB

  • Sample

    230609-3wzraaee5t

  • MD5

    06a48fe056583a1bf2f5d16461e19815

  • SHA1

    6e51f62a7c26b10fcd547f15e84fd83679ceaa8e

  • SHA256

    4596494ae227131e98382386f22356636aba19dc87a6f7db6f71355dbfd83cc0

  • SHA512

    82a424774886e40701436b0f1a44192be2af9a926d0fc003186faeb0c635b079e4befe448ce39520e92f3553d576fa331447e40a6ca7fe0b8a3d1a991db8d501

  • SSDEEP

    1536:GRrQ3y/Iarf9yBH/C/34iBQAh4QiObju5FBiIgMLtf:8rbefC/34iBQAeQiObjsFBiID

Score
10/10

Malware Config

Extracted

  • Family

    blacknet

  • Version

    v3.6.0 Public

  • Botnet

    HacKed

  • C2

    http://bankslip.info/david/

  • Mutex

    BN[lnUntCqW-7778345]

Attributes
  • antivm

    false

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    a5b002eacf54590ec8401ff6d3f920ee

  • startup

    false

  • usb_spread

    false

Targets

    • Target

      1252-59-0x0000000000400000-0x000000000041C000-memory.dmp

    Score
    1/10
