Overview

overview

10

Static

static

10

8CE1041CCE...78.exe

windows7-x64

10

8CE1041CCE...78.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8CE1041CCE94737D4A36DBAD504F4A78.exe

  • Size

    75KB

  • Sample

    231015-k8qp2adf61

  • MD5

    8ce1041cce94737d4a36dbad504f4a78

  • SHA1

    c4a49dcf6c6edff26b0514da03b155f2ac418a3c

  • SHA256

    a7758f03d40f51f6c0b3f84e40fb7e5ae468fd315d6c4ea2b67b664d347fc98b

  • SHA512

    bd694408ac0a128028557c4f77b82e4d581c3ddb4326804de0dd1e5547d9f5287f219ef3af92394e70d377e08e4f49d4530acb1941fdc090856b6e4d2bdfc162

  • SSDEEP

    1536:hZuhD5z28TC268is9T8VPPQTgbSUPH4LU0tYwq:Gt19T89mgbSKHaUoYw

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

http://clearmu.top/blacknet

Mutex

BN[yGNdFEUK-4263874]

Attributes
  • antivm

    true

  • elevate_uac

    true

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    35dcbc7eb742dd4f1edfbccf7826c724

  • startup

    false

  • usb_spread

    false

Targets

    • Target

      8CE1041CCE94737D4A36DBAD504F4A78.exe

    • Size

      75KB

    • MD5

      8ce1041cce94737d4a36dbad504f4a78

    • SHA1

      c4a49dcf6c6edff26b0514da03b155f2ac418a3c

    • SHA256

      a7758f03d40f51f6c0b3f84e40fb7e5ae468fd315d6c4ea2b67b664d347fc98b

    • SHA512

      bd694408ac0a128028557c4f77b82e4d581c3ddb4326804de0dd1e5547d9f5287f219ef3af92394e70d377e08e4f49d4530acb1941fdc090856b6e4d2bdfc162

    • SSDEEP

      1536:hZuhD5z28TC268is9T8VPPQTgbSUPH4LU0tYwq:Gt19T89mgbSKHaUoYw

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks