Overview

overview

10

Static

static

10

D5EA5EC6D3...94.exe

windows7-x64

10

D5EA5EC6D3...94.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/01/2024, 14:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    D5EA5EC6D3DD740D1D8B6B817A667094.exe

  • Size

    75KB

  • MD5

    d5ea5ec6d3dd740d1d8b6b817a667094

  • SHA1

    f75cffadf0cb8c7afac041d42d7beb416474e96a

  • SHA256

    c9bd849cb30e63f3fa72d83b52303b21f3a880a5e7c6236e38a92dc078467e8d

  • SHA512

    c4cc9305e6d10ef16860c6f3c1a29dd0377d2946e5c17dd7cb4d8ec56d262840ee9530c542e82ac337e0abe558e0fe3c58465d11652a9feb1a6fba6494e2d2a8

  • SSDEEP

    1536:5ZuhD5z28TC2qM/AEc7s1PsYTgbSUPH4Lb0tY4:eNoEc7suugbSKHaboY4

Score
10/10
blacknettrojan

Malware Config

Signatures

  • BlackNET

    BlackNET is an open source remote access tool written in VB.NET.

    trojanblacknet
  • Suspicious behavior: EnumeratesProcesses 24 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\D5EA5EC6D3DD740D1D8B6B817A667094.exe
    "C:\Users\Admin\AppData\Local\Temp\D5EA5EC6D3DD740D1D8B6B817A667094.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3336-0-0x000000001BF00000-0x000000001BFA6000-memory.dmp

    Filesize

    664KB

    Download

  • memory/3336-1-0x00007FF9A9730000-0x00007FF9AA0D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3336-2-0x00007FF9A9730000-0x00007FF9AA0D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3336-3-0x000000001C5A0000-0x000000001CA6E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/3336-4-0x0000000001410000-0x0000000001420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3336-5-0x000000001CA70000-0x000000001CB0C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/3336-6-0x00000000016D0000-0x00000000016D8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3336-7-0x000000001CBF0000-0x000000001CC3C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/3336-8-0x0000000001410000-0x0000000001420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3336-9-0x000000001D5F0000-0x000000001D652000-memory.dmp

    Filesize

    392KB

    Download

  • memory/3336-10-0x0000000001410000-0x0000000001420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3336-11-0x00007FF9A9730000-0x00007FF9AA0D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3336-12-0x0000000001410000-0x0000000001420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3336-13-0x0000000001410000-0x0000000001420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3336-14-0x0000000001410000-0x0000000001420000-memory.dmp

    Filesize

    64KB

    Download