General
-
Target
02f289afea55562825514bea687992fe
-
Size
129KB
-
Sample
231224-sgxchabefj
-
MD5
02f289afea55562825514bea687992fe
-
SHA1
b2acd397873bb99b15772397b3c8d9187cef9bc0
-
SHA256
6c13d1ffcaa86e0fbe2cce1b69789d7d7c0aa98e4358dd044287e913d07d7e15
-
SHA512
4294716259c073357e4dfc7e712a9fc089703614e449c65db2899f58fdb9e5655e221733933c5527f7c21840c4c17f344d43032d93ca0911978c4a180c4285f5
-
SSDEEP
3072:Pn+NcOOqIGx6PBewfgJE0O1kL1q4n4EvqA6rRrr0W5Pt1eJuwout:P+NXvIGEPBeY0O0fn61rrL51/woS
Static task
static1
Behavioral task
behavioral1
Sample
02f289afea55562825514bea687992fe.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
02f289afea55562825514bea687992fe.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
02f289afea55562825514bea687992fe
-
Score
10/10
-
Detect Blackmoon payload
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-