General
-
Target
8353dfb0aaef6842df37c669ccbd506d94f34e76b54b65f2a09a8db5102cb4a7
-
Size
1.5MB
-
Sample
230628-y8xegaba67
-
MD5
50b94fdab98ec014a36e82defc3e338e
-
SHA1
ac25d9cbef937754155e9f03f3af3cce52b74ba7
-
SHA256
8353dfb0aaef6842df37c669ccbd506d94f34e76b54b65f2a09a8db5102cb4a7
-
SHA512
730da0fad2e76516784b95e8773c9aa4cfc9c97f421f35e1d307b092c0edebd1a0466a326f5fdbf03f6cb8a19ee6de750c5fcd471d3045974324a90c9e089265
-
SSDEEP
24576:p/FKhdUj9X3J8Zz2xghrxbGcdtYavsIi1xkQe9hu8UpkYy6Buc/te5seRtEKQ8iP:pmA58Pa2tfvsXLkhqpkYy6Bucle5sGEf
Behavioral task
behavioral1
Sample
8353dfb0aaef6842df37c669ccbd506d94f34e76b54b65f2a09a8db5102cb4a7.exe
Resource
win7-20230621-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-