General
Target: 7f6344e5ebcc7ecf98acaf63efcd29952b2152f6f9d2ed061289b2d7944a5556
Size: 2.9MB
Sample: 230621-125hlsbf86
MD5: b03da2cad31f6dd89dde2e181553da6e
SHA1: 5c8ba30aa2c3971e179e5c86ca31462897a3b5a9
SHA256: 7f6344e5ebcc7ecf98acaf63efcd29952b2152f6f9d2ed061289b2d7944a5556
SHA512: 3488b6171534d61620bfc1f42dd11e4c4c826892f466b24da4187a94000f072c1c0f3ed5b4bd0c3a1fe3e7f807e96c638418a6d3eac4d9b6b89f8f094f1a2f6a
SSDEEP: 49152:SGOHuqFTiOmBukNbWQZ6ZbaHcYz5aAVKiw6ZWqTG93jJ3hWpVcn:tOjFTirBPng3Yz5J/693kO
Static task: static1
Behavioral task: behavioral1
Sample: 7f6344e5ebcc7ecf98acaf63efcd29952b2152f6f9d2ed061289b2d7944a5556.exe
Resource: win7-20230621-en
Malware Config
Targets
- Detect Blackmoon payload
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.