General
-
Target
bf4b976a1f5463cc69c91a715f69038d0b2ed8ce24f66597f9d6b3f934b28589
-
Size
9.4MB
-
Sample
231204-h96frshf87
-
MD5
f670b763d894887c46c9300c20e027dd
-
SHA1
63d588303e9588737e7b6c7d77f911850cfd1e1c
-
SHA256
bf4b976a1f5463cc69c91a715f69038d0b2ed8ce24f66597f9d6b3f934b28589
-
SHA512
49969decb11fe4a0cf34a9532fec5184cecec3fc2de9b2de836299613953ed4514b5424df76dbf9dc25931372f8fa2af1ae4e0dcd92f7314bdd24cd0fb3bc12c
-
SSDEEP
196608:3TBChPzZW0SKiJvWuwDtrvAvKUygRWGi8ZFJ5cs0u5KlG4SnmEdJI1rZ:l0zvGEDAvKcRWGiw50Ux4Yg
Behavioral task
behavioral1
Sample
bf4b976a1f5463cc69c91a715f69038d0b2ed8ce24f66597f9d6b3f934b28589.exe
Resource
win7-20231129-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-