Overview

overview

10

Static

static

10

2e4d872360...5b.exe

windows7-x64

10

2e4d872360...5b.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-04-2024 10:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e4d8723602c5ffc6409dceb0cb4ced2e749e374a0fcd41fe92e0fd50f817c5b.exe

  • Size

    141KB

  • MD5

    8c64a02c90f20524920e6e5e482b5a55

  • SHA1

    cc0f119b3d8e6d91f6e49d9cd21df4bc6b478b52

  • SHA256

    2e4d8723602c5ffc6409dceb0cb4ced2e749e374a0fcd41fe92e0fd50f817c5b

  • SHA512

    45b43dace1960596f7da79f9fec0dc4189ad7d8c5c3d6f6372a6b52d5adc5077ab50e5832852b0e69c92a02b637fb96d5b2f275738a653cb1113e42a9c2a7105

  • SSDEEP

    1536:VZuhD5z28TC2u8OpBPncFPAcTgbSUPH4Lh0tY7:ah0BPncKCgbSKHahoY7

Score
10/10
blacknettrojan

Malware Config

Signatures

  • BlackNET

    BlackNET is an open source remote access tool written in VB.NET.

    trojanblacknet
  • Suspicious behavior: EnumeratesProcesses 23 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e4d8723602c5ffc6409dceb0cb4ced2e749e374a0fcd41fe92e0fd50f817c5b.exe
    "C:\Users\Admin\AppData\Local\Temp\2e4d8723602c5ffc6409dceb0cb4ced2e749e374a0fcd41fe92e0fd50f817c5b.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1008-0-0x00007FFCE6190000-0x00007FFCE6B31000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1008-1-0x000000001BBF0000-0x000000001BC96000-memory.dmp

    Filesize

    664KB

    Download

  • memory/1008-2-0x00007FFCE6190000-0x00007FFCE6B31000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1008-3-0x00000000017E0000-0x00000000017F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1008-4-0x000000001C170000-0x000000001C63E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1008-5-0x000000001C6E0000-0x000000001C77C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/1008-6-0x0000000001460000-0x0000000001468000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1008-7-0x000000001C980000-0x000000001C9CC000-memory.dmp

    Filesize

    304KB

    Download

  • memory/1008-8-0x00000000017E0000-0x00000000017F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1008-9-0x000000001D5D0000-0x000000001D632000-memory.dmp

    Filesize

    392KB

    Download

  • memory/1008-10-0x00000000017E0000-0x00000000017F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1008-11-0x00007FFCE6190000-0x00007FFCE6B31000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/1008-12-0x00000000017E0000-0x00000000017F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1008-13-0x00000000017E0000-0x00000000017F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1008-14-0x00000000017E0000-0x00000000017F0000-memory.dmp

    Filesize

    64KB

    Download