7319656b4c5c0f3c42526657e96c0732322806d7824e992baa4b816a525aae98

Submit
Reports

Overview

overview

Static

static

Botnets PA...t].exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...vg.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...mm.exe

windows10-2004-x64

Botnets PA...UI.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...32.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...vc.exe

windows10-2004-x64

Botnets PA...t].exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...ti.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...ll.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...al.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...32.exe

windows10-2004-x64

Botnets PA...es.exe

windows10-2004-x64

Botnets PA...ml.exe

windows10-2004-x64

Botnets PA...ib.exe

windows10-2004-x64

Botnets PA...nk.exe

windows10-2004-x64

Botnets PA...px.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...it.exe

windows10-2004-x64

Botnets PA...ll.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Botnets PA...er.exe

windows10-2004-x64

Analysis

max time kernel
32s
max time network
37s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
23-06-2023 22:55

Sharing

Copy URL

Twitter E-mail

Static task

static1

[id]upx blacknet

5 signatures

Behavioral task

behavioral1

Sample

Botnets PACK/Botnets PACK/Amadey Cracked/Amadey Cracked [XakFor.Net].exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral2

Sample

Botnets PACK/Botnets PACK/Amadey Cracked/xpti/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral3

Sample

Botnets PACK/Botnets PACK/Amadey Cracked/xpti/svg.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral4

Sample

Botnets PACK/Botnets PACK/Atmos BOTNET Builder/atmos_weber.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral5

Sample

Botnets PACK/Botnets PACK/Atmos BOTNET Builder/forms/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral6

Sample

Botnets PACK/Botnets PACK/Atmos BOTNET Builder/forms/comm.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral7

Sample

Botnets PACK/Botnets PACK/BetaBotBuilder Leaked by Bull/BetaBotBuilderGUI.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

5 signatures

30 seconds

Behavioral task

behavioral8

Sample

Botnets PACK/Botnets PACK/BetaBotBuilder Leaked by Bull/npnul32/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral9

Sample

Botnets PACK/Botnets PACK/BetaBotBuilder Leaked by Bull/npnul32/secur32.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

1 signatures

30 seconds

Behavioral task

behavioral10

Sample

Botnets PACK/Botnets PACK/BlackNET - Compiled/BlackNET Builder.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral11

Sample

Botnets PACK/Botnets PACK/BlackNET - Compiled/Packer/Confuser.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral12

Sample

Botnets PACK/Botnets PACK/H1N1 Loader/sqlite3/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral13

Sample

Botnets PACK/Botnets PACK/H1N1 Loader/sqlite3/NcaSvc.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral14

Sample

Botnets PACK/Botnets PACK/L0rdix Cracked [XakFor.Net]/L0rdix Cracked [XakFor.Net].exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral15

Sample

Botnets PACK/Botnets PACK/L0rdix Cracked [XakFor.Net]/en-US/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral16

Sample

Botnets PACK/Botnets PACK/L0rdix Cracked [XakFor.Net]/en-US/xpti.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral17

Sample

Botnets PACK/Botnets PACK/LiteHTTP-master/LiteDB/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral18

Sample

Botnets PACK/Botnets PACK/LiteHTTP-master/LiteDB/all.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral19

Sample

Botnets PACK/Botnets PACK/LiteHTTP-master/LiteHTTP Builder.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral20

Sample

Botnets PACK/Botnets PACK/Loki 1.8/Loki_original.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral21

Sample

Botnets PACK/Botnets PACK/Pony 1.9/PonyBuilder.exe

Resource

win10v2004-20230621-en

persistence upx

windows10-2004-x64

11 signatures

30 seconds

Behavioral task

behavioral22

Sample

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/brcc32.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral23

Sample

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/cvtres.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral24

Sample

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/ml.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral25

Sample

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/polib.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral26

Sample

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/polink.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

0 signatures

30 seconds

Behavioral task

behavioral27

Sample

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/upx.exe

Resource

win10v2004-20230621-en

upx

windows10-2004-x64

1 signatures

30 seconds

Behavioral task

behavioral28

Sample

Botnets PACK/Botnets PACK/Pony 1.9/sys/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral29

Sample

Botnets PACK/Botnets PACK/Pony 1.9/sys/WPFToolkit.exe

Resource

win10v2004-20230621-en

upx

windows10-2004-x64

3 signatures

30 seconds

Behavioral task

behavioral30

Sample

Botnets PACK/Botnets PACK/Smoke Loader Original Stub/nssdbm3/CoreShell.exe

Resource

win10v2004-20230621-en

smokeloader backdoor trojan

windows10-2004-x64

5 signatures

30 seconds

Behavioral task

behavioral31

Sample

Botnets PACK/Botnets PACK/Smoke Loader Original Stub/nssdbm3/Launcher.exe

Resource

win10v2004-20230621-en

persistence

windows10-2004-x64

10 signatures

30 seconds

Behavioral task

behavioral32

Sample

Botnets PACK/Botnets PACK/Smoke Loader Original Stub/smokeloader.exe

Resource

win10v2004-20230621-en

smokeloader backdoor persistence trojan

windows10-2004-x64

14 signatures

30 seconds

Report Analysis Logs

General

Target

Botnets PACK/Botnets PACK/Pony 1.9/masm32/bin/brcc32.exe
Size

74KB
MD5

084dfadc4c72bdd2900112665ee5af13
SHA1

67c6fd7d191686eb3d7cb121b9893462e85b7f52
SHA256

f049cf781ff73c5586cd81da7269477ebdee614ad2c1dc57346437e6557b2737
SHA512

b15f4b6e9e967d89d610bf912956a19a46e1b6e2f4c4cea6e23b0f545a142a9732495e2cfc38f917ce20e91b17644195c60390dd4cd87a47b6729d070f3fc8a2
SSDEEP

1536:P3kI1EXCxSwonJH/SGkv8BdwsTCkED2JU4MU7NAygtdOZ:fr1EXCxSwonJfVkM0hftU7NDgtdO

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\Botnets PACK\Botnets PACK\Pony 1.9\masm32\bin\brcc32.exe
"C:\Users\Admin\AppData\Local\Temp\Botnets PACK\Botnets PACK\Pony 1.9\masm32\bin\brcc32.exe"
1⤵
PID:5116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5116-133-0x00000000005A0000-0x00000000005E3000-memory.dmp

Filesize
268KB

Download
memory/5116-134-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/5116-135-0x0000000002630000-0x00000000026FF000-memory.dmp

Filesize
828KB

Download
memory/5116-136-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/5116-137-0x00000000005A0000-0x00000000005E3000-memory.dmp

Filesize
268KB

Download