Overview

overview

10

Static

static

10

D5EA5EC6D3...94.exe

windows7-x64

10

D5EA5EC6D3...94.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    152s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-01-2024 14:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    D5EA5EC6D3DD740D1D8B6B817A667094.exe

  • Size

    75KB

  • MD5

    d5ea5ec6d3dd740d1d8b6b817a667094

  • SHA1

    f75cffadf0cb8c7afac041d42d7beb416474e96a

  • SHA256

    c9bd849cb30e63f3fa72d83b52303b21f3a880a5e7c6236e38a92dc078467e8d

  • SHA512

    c4cc9305e6d10ef16860c6f3c1a29dd0377d2946e5c17dd7cb4d8ec56d262840ee9530c542e82ac337e0abe558e0fe3c58465d11652a9feb1a6fba6494e2d2a8

  • SSDEEP

    1536:5ZuhD5z28TC2qM/AEc7s1PsYTgbSUPH4Lb0tY4:eNoEc7suugbSKHaboY4

Score
10/10
blacknettrojan

Malware Config

Signatures

  • BlackNET

    BlackNET is an open source remote access tool written in VB.NET.

    trojanblacknet
  • Suspicious behavior: EnumeratesProcesses 23 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\D5EA5EC6D3DD740D1D8B6B817A667094.exe
    "C:\Users\Admin\AppData\Local\Temp\D5EA5EC6D3DD740D1D8B6B817A667094.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3268-0-0x000000001B310000-0x000000001B3B6000-memory.dmp

    Filesize

    664KB

    Download

  • memory/3268-1-0x00007FFBDD680000-0x00007FFBDE021000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3268-2-0x0000000000C20000-0x0000000000C30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3268-3-0x000000001B890000-0x000000001BD5E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/3268-4-0x00007FFBDD680000-0x00007FFBDE021000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3268-5-0x000000001BE60000-0x000000001BEFC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/3268-6-0x0000000000C10000-0x0000000000C18000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3268-7-0x000000001C110000-0x000000001C15C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/3268-8-0x0000000000C20000-0x0000000000C30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3268-9-0x000000001F190000-0x000000001F1F2000-memory.dmp

    Filesize

    392KB

    Download

  • memory/3268-10-0x0000000000C20000-0x0000000000C30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3268-11-0x00007FFBDD680000-0x00007FFBDE021000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/3268-12-0x0000000000C20000-0x0000000000C30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3268-13-0x0000000000C20000-0x0000000000C30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3268-14-0x0000000000C20000-0x0000000000C30000-memory.dmp

    Filesize

    64KB

    Download