Analysis
max time kernel: 148s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240426-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23-05-2024 05:07
Behavioral task: behavioral1
Sample: af6782f3135a031227acbf3705eb2aec14acbe2986478af5406579e12e7cc90d.exe
Resource: win7-20240508-en (windows7-x64)
2 signatures
150 seconds
General
Target: af6782f3135a031227acbf3705eb2aec14acbe2986478af5406579e12e7cc90d.exe
Size: 10.2MB
MD5: 74bd6f8c98b1d629bd3e101f80591656
SHA1: 8f98b73dee558d497701ae8a5a9ed959f3d808f4
SHA256: af6782f3135a031227acbf3705eb2aec14acbe2986478af5406579e12e7cc90d
SHA512: 8b5e306604093d4c35a536cf388e4d4ccb041525ae5a5ba2001db9a52240d78689ae551ce89b3e0b602429a9ad9b7ef3d8cc975d40b1ae7a0f91a56815841878
SSDEEP: 196608:YK1kEah3kduGA91aGLVFs4ETLmYHhByFgTQdFqDl8mWd1CLjChI:TEh3+ux1a6+TLLyFXFZuLehI
Malware Config
Signatures
Detect Blackmoon payload (3 IoCs)
Processes:
resource    yara_rule
behavioral2/memory/656-0-0x0000000000400000-0x0000000000E54000-memory.dmp    family_blackmoon
behavioral2/memory/656-1-0x0000000010000000-0x00000000105FA000-memory.dmp    family_blackmoon
behavioral2/memory/656-8-0x0000000000400000-0x0000000000E54000-memory.dmp    family_blackmoon