Analysis
-
max time kernel
141s -
max time network
103s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system -
submitted
22-05-2024 13:38
Behavioral task
behavioral1
Sample
94a06b96b553a616ce18ea8af95d197c3e38522282c31147edb3cac725bd3d5f.exe
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
General
-
Target
94a06b96b553a616ce18ea8af95d197c3e38522282c31147edb3cac725bd3d5f.exe
-
Size
3.0MB
-
MD5
a4118b07735eba20619ff6fa9bae4d7a
-
SHA1
8505611d0821e635bf9dc2d56a2cdda3bfd32d73
-
SHA256
94a06b96b553a616ce18ea8af95d197c3e38522282c31147edb3cac725bd3d5f
-
SHA512
19e2ab57b9fe4d41e030062f599737bc7a475f86948d8d4a7ed94ae34c74f22e123a0aa09b6840d64ccd9287d858771daa8d273506d538cc15c51190bb329616
-
SSDEEP
49152:7lb/lEcUfxmee5y0y4vdkNLavsI/hgXXpLxwCIhhpq/a8r+koMIPnhRCBviVuhz+:71lE5Be5tTQLavsI/hqp2RXq/xrNvviP
Malware Config
Signatures
-
Detect Blackmoon payload 6 IoCs
Processes:
resource yara_rule
behavioral2/memory/2136-2-0x0000000000400000-0x000000000092F000-memory.dmp family_blackmoon
behavioral2/memory/2136-3-0x0000000000400000-0x000000000092F000-memory.dmp family_blackmoon
behavioral2/memory/2136-1-0x0000000000400000-0x000000000092F000-memory.dmp family_blackmoon
behavioral2/memory/2136-6-0x0000000000400000-0x000000000092F000-memory.dmp family_blackmoon
behavioral2/memory/2136-11-0x0000000000400000-0x000000000092F000-memory.dmp family_blackmoon
behavioral2/memory/2136-15-0x0000000000400000-0x000000000092F000-memory.dmp family_blackmoon
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2136-0-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB
-
memory/2136-2-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB
-
memory/2136-3-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB
-
memory/2136-1-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB
-
memory/2136-4-0x0000000010000000-0x0000000010059000-memory.dmp
Filesize
356KB
-
memory/2136-5-0x0000000003460000-0x0000000003601000-memory.dmp
Filesize
1.6MB
-
memory/2136-6-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB
-
memory/2136-8-0x0000000003460000-0x0000000003601000-memory.dmp
Filesize
1.6MB
-
memory/2136-11-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB
-
memory/2136-15-0x0000000000400000-0x000000000092F000-memory.dmp
Filesize
5.2MB