General
Target: ed04378d4fe8fd0814a4435d8.exe
Size: 1.8MB
Sample: 230701-jqttasgb24
MD5: 4b24bb7eb024e319888f9e7e00fe4243
SHA1: c3607f61d72e6ec43cf7bf4f41d166eecaa27f58
SHA256: ed04378d4fe8fd0814a4435d86b7097706413094c476b29f2539b08ae9592bc2
SHA512: 48c27f416e07307ee046ccab04fe868b0cf25fe178b002bcc1075adbc47d3fb7ae92b0e8709cdbd159f54755bd7c492e343d8da149d2a9a227836a8d315a0fc3
SSDEEP: 49152:iRTQWltDVTODlosbWp6FjTxEeliYZ8+Y7JKQa:itzlnY/bW0FjTOKZJaJI
Behavioral task: behavioral1
Sample: ed04378d4fe8fd0814a4435d8.exe
Resource: win7-20230621-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-