General
-
Target
e9b59980fe4ead9983c50e7b66b61757eadd585277db4001127e56897f5ac4ff
-
Size
317KB
-
Sample
230627-yj3j7agb7y
-
MD5
ef0a233207d5fb68da9fd5f5dcd48840
-
SHA1
f57b671554e83db6fa92f0491f3e9b68bbfa152f
-
SHA256
e9b59980fe4ead9983c50e7b66b61757eadd585277db4001127e56897f5ac4ff
-
SHA512
9ea5b8b00aba9bcfc73afb88f53301d24e61ce6ee2b62123a66a0de7486ee602296b2d56ad4a19f6c3b93c596e9808af91a7c9b0ee6ec8a8ff10bb67983af56d
-
SSDEEP
6144:Ag+Y5tJ4pVLAN8cd30Bjru7p17cm2UtFEri/bqzcYqmekFjGBUAbNA:Z+YzJ4pTlrSTsUjgTekM+AbNA
Static task
static1
Behavioral task
behavioral1
Sample
e9b59980fe4ead9983c50e7b66b61757eadd585277db4001127e56897f5ac4ff.exe
Resource
win7-20230621-en
Malware Config
Targets
-
Target
e9b59980fe4ead9983c50e7b66b61757eadd585277db4001127e56897f5ac4ff
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-