General
-
Target
a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda
-
Size
146KB
-
Sample
230614-kn5nfsfc51
-
MD5
0558b31bd9e3e8233ca74837754882d7
-
SHA1
a4bcad094372c9348bce850034a028460d19b0a6
-
SHA256
a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda
-
SHA512
4e8cb6bcd0b74b5508ee211fb2d7796fc5177d3b10fdc3283614ae872bd4cfa32d80648e35c79b2b2b3fa867eadcce4e706301f6e716e46fddefca08eeb1fb04
-
SSDEEP
3072:GB1Q3LeTWmL359vd0OmS7ok57ORL2G4kOqOcPxab/gp2pFuuxE6l/:E1WeTWmLp9vd0Om6B57ORaG4Rqh51p2q
Behavioral task
behavioral1
Sample
a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda
-
Size
146KB
-
MD5
0558b31bd9e3e8233ca74837754882d7
-
SHA1
a4bcad094372c9348bce850034a028460d19b0a6
-
SHA256
a95737adb2cd7b1af2291d143200a82d8d32a868c64fb4acc542608f56a0aeda
-
SHA512
4e8cb6bcd0b74b5508ee211fb2d7796fc5177d3b10fdc3283614ae872bd4cfa32d80648e35c79b2b2b3fa867eadcce4e706301f6e716e46fddefca08eeb1fb04
-
SSDEEP
3072:GB1Q3LeTWmL359vd0OmS7ok57ORL2G4kOqOcPxab/gp2pFuuxE6l/:E1WeTWmLp9vd0Om6B57ORaG4Rqh51p2q
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Registers new Print Monitor
-
Deletes itself
-
Executes dropped EXE
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops file in System32 directory
-