blacknet | a25f5a796b86f95ab6e7cfb0ad7f8bef109748ff4667477697dea597180d1d7a | Triage

Submit
Reports

Overview

overview

Static

static

3

2d745d5bb3...fe.exe

windows7-x64

2d745d5bb3...fe.exe

windows10-2004-x64

Sharing

General

Target

2d745d5bb38d4bd8f13ff66551772efe
Size

1.1MB
Sample

231231-jb5l9agdhk
MD5

2d745d5bb38d4bd8f13ff66551772efe
SHA1

6ccbd6fac2c228173b80caddaed057af5cc22d8d
SHA256

a25f5a796b86f95ab6e7cfb0ad7f8bef109748ff4667477697dea597180d1d7a
SHA512

70e736171ad1d5aee0d68b247fbe0afd415bc630399e4555a91dd43792794cd723912962a2a20f900a85bdd58040c20210c74e8f1b4456538003d18df7cae146
SSDEEP

24576:CcHSyExY6ViWhAkezLjJ9I9WSRJSBAIwDsJsT9dJdKspBBjgb:Coeb7ez7I9WdB5wDwsThdKspBBjg

Score

10^/10

blacknet hello trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2d745d5bb38d4bd8f13ff66551772efe.exe

Resource

win7-20231215-en

blacknet trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2d745d5bb38d4bd8f13ff66551772efe.exe

Resource

win10v2004-20231215-en

blacknet hello trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

blacknet

Version

v3.6.0 Public

Botnet

Hello

C2

http://141.95.21.84

Mutex

BN[lEBYtSLH-5805348]

Attributes

antivm
false
elevate_uac
false
install_name
WindowsUpdate.exe
splitter
|BN|
start_name
68b4a4f47850fb62cd2157162048241c
startup
true
usb_spread
false

Targets

- Target
  
  2d745d5bb38d4bd8f13ff66551772efe
- Size
  
  1.1MB
- MD5
  
  2d745d5bb38d4bd8f13ff66551772efe
- SHA1
  
  6ccbd6fac2c228173b80caddaed057af5cc22d8d
- SHA256
  
  a25f5a796b86f95ab6e7cfb0ad7f8bef109748ff4667477697dea597180d1d7a
- SHA512
  
  70e736171ad1d5aee0d68b247fbe0afd415bc630399e4555a91dd43792794cd723912962a2a20f900a85bdd58040c20210c74e8f1b4456538003d18df7cae146
- SSDEEP
  
  24576:CcHSyExY6ViWhAkezLjJ9I9WSRJSBAIwDsJsT9dJdKspBBjgb:Coeb7ez7I9WdB5wDwsThdKspBBjg
Score

10^/10

blacknet trojan hello
- BlackNET
  BlackNET is an open source remote access tool written in VB.NET.
  trojan blacknet
- BlackNET payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

blacknethellotrojan

© 2018-2024

Terms | Privacy