General
-
Target
9349a5bdadd179a52e12ade80f7dfb248dcbbb55d86552bcb622ca6b594bfba8
-
Size
1.1MB
-
Sample
230621-zyq1dacf5z
-
MD5
e714bc2df7e67bfb29a787c5091dd8e1
-
SHA1
ec3a651cfbd6aed23068f618179e8ea44beb74e8
-
SHA256
9349a5bdadd179a52e12ade80f7dfb248dcbbb55d86552bcb622ca6b594bfba8
-
SHA512
3fd4e6cfae4d68e2a71ef6ef518ed721d19ffa4f8987db239aeafb1dbeb475e04d536d64b30891b47c63f975daed33009347eae2dcdb58429f27e610d76a807b
-
SSDEEP
24576:O99tRrQzFIuP7oJPyqlHHE7dndAZojUelRyd6dGrEIQLaVV:O99tSzBoJK8nE4cUelRyd6dGrEIQLaP
Static task
static1
Behavioral task
behavioral1
Sample
9349a5bdadd179a52e12ade80f7dfb248dcbbb55d86552bcb622ca6b594bfba8.exe
Resource
win7-20230621-en
Malware Config
Targets
-
-
Target
9349a5bdadd179a52e12ade80f7dfb248dcbbb55d86552bcb622ca6b594bfba8
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-