General
-
Target
cf23e2de4f7ae6b0a8bbb1c5b60a69d36a21691a375bb80d8a8cb8d545398aa7
-
Size
6.0MB
-
Sample
231211-dgxwpscee7
-
MD5
4ac6089edb7aa819aff1ab779cd0f1f9
-
SHA1
b7229e7fde2b07f2aed5ac3c55bd783b79400187
-
SHA256
cf23e2de4f7ae6b0a8bbb1c5b60a69d36a21691a375bb80d8a8cb8d545398aa7
-
SHA512
04695dc1ff092afb057a60475a3b62d9184cfdfca6aad3cc733e3a165d185b1b706da681a1668860bf0d034f037ec31e772f9e5b2bd636988ae49d4be25d8b66
-
SSDEEP
98304:64A28GhIwvB6PyEJInTM4cK3Wp+Ic+G5qCDf8DeO2Of3m/jwKMk0Su4xILRFU/lX:8shDSyTnTPm7aqCDf8/2Ovm/jwKMknI8
Behavioral task
behavioral1
Sample
cf23e2de4f7ae6b0a8bbb1c5b60a69d36a21691a375bb80d8a8cb8d545398aa7.exe
Resource
win7-20231023-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-