General
Target: c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
Size: 1.3MB
Sample: 230620-yclm4adh95
MD5: cef823eb157b4fa0e8524ed48307f345
SHA1: 60d5405cbde42850c6d6f9fc5b7fe1773a720f28
SHA256: c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
SHA512: 7b7afd582955f000d62b63f4159d68b7f9d45b8c685e3ad0992ae1eef638cc6e15636adf0dc9fbc6373fd3c58f44f46bf74dfb37a7bb9ec3eae6c74a21b53abc
SSDEEP: 24576:Dqmi8tpifdQ8ABVABskA1rz4B8VzWhRTOdlmuC/uZ7R9Ti1wGJRQvZ:umi8bifd+VABnYra3nTOhlxUwGs
Behavioral task: behavioral1
Sample: c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0.exe
Resource: win7-20230220-en
Malware Config
Targets
Detect Blackmoon payload
Downloads MZ/PE file
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.