General
-
Target
4b277416dfaec448fe46c00bbfd7452fc39088b950db1e726afc7a0e21e6133b
-
Size
276KB
-
Sample
240418-q3nalseg82
-
MD5
4672d9ec8afed68730dbacf37313bbe9
-
SHA1
cddbaa96e181edc6ed29a347e72da58f4b4321f0
-
SHA256
4b277416dfaec448fe46c00bbfd7452fc39088b950db1e726afc7a0e21e6133b
-
SHA512
8d341ba5d88fcceeb9a2c69249a7609c002fbc03e44dc465fb437dc5f1b2de26e21c10565ccfe94505b6ba987367f7bbad69c9b7cd7213c940c98b9fe20d728b
-
SSDEEP
6144:0f2nHpwQwbzfo5QH2NYcr0rTNQ3wwVVBEsR2:0f2nHpwQwbzw5QH2Z0rhQA+B
Behavioral task
behavioral1
Sample
4b277416dfaec448fe46c00bbfd7452fc39088b950db1e726afc7a0e21e6133b.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
4b277416dfaec448fe46c00bbfd7452fc39088b950db1e726afc7a0e21e6133b
-
Size
276KB
-
MD5
4672d9ec8afed68730dbacf37313bbe9
-
SHA1
cddbaa96e181edc6ed29a347e72da58f4b4321f0
-
SHA256
4b277416dfaec448fe46c00bbfd7452fc39088b950db1e726afc7a0e21e6133b
-
SHA512
8d341ba5d88fcceeb9a2c69249a7609c002fbc03e44dc465fb437dc5f1b2de26e21c10565ccfe94505b6ba987367f7bbad69c9b7cd7213c940c98b9fe20d728b
-
SSDEEP
6144:0f2nHpwQwbzfo5QH2NYcr0rTNQ3wwVVBEsR2:0f2nHpwQwbzw5QH2Z0rhQA+B
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-