blackmoon | 991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1 | Triage

Submit
Reports

Overview

overview

Static

static

991d4a3b17...c1.dll

windows7-x64

991d4a3b17...c1.dll

windows10-2004-x64

Sharing

General

Target

991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1
Size

14.0MB
Sample

230918-clkaqsgg33
MD5

192ec143805950aa7bd524cb769934c2
SHA1

b218416ec8f1fc63abad115aefdf54b2e5710b44
SHA256

991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1
SHA512

52d0145822a1b4c17830fa50fd2512d45464b1487e4e9a235104b26a5015858204a02a4593fce4241e09c3013bb1ad8333ca373dd834edcf3c1d86d4693dbc0a
SSDEEP

393216:PGyZYVitMtK1F5Jexa5iH1JmtyGkqQkx5vgU:3sKzexa5iUwqDYU

Score

10^/10

blackmoon

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1.dll

Resource

win7-20230831-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1
- Size
  
  14.0MB
- MD5
  
  192ec143805950aa7bd524cb769934c2
- SHA1
  
  b218416ec8f1fc63abad115aefdf54b2e5710b44
- SHA256
  
  991d4a3b17372edeaece4ff426d6c1abd3faf5b63abf643f4b7861a6a1a809c1
- SHA512
  
  52d0145822a1b4c17830fa50fd2512d45464b1487e4e9a235104b26a5015858204a02a4593fce4241e09c3013bb1ad8333ca373dd834edcf3c1d86d4693dbc0a
- SSDEEP
  
  393216:PGyZYVitMtK1F5Jexa5iH1JmtyGkqQkx5vgU:3sKzexa5iUwqDYU
Score

10^/10
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy