General
-
Target
f6f7e0629f0d107248d39ad75f1226c83320b4fd45f325bf982055ef2c69e050
-
Size
824KB
-
Sample
240523-zhjalaff3y
-
MD5
997ad85036019e3b8c98381e6667cc8a
-
SHA1
40b77bef60212124c1948d0dcaa419a99bae3610
-
SHA256
f6f7e0629f0d107248d39ad75f1226c83320b4fd45f325bf982055ef2c69e050
-
SHA512
1eb8985d8962a019c3935e02b07975bddefa1237071be79eeb3adf18b385aa3d8db5636693db65190c3165c2b34211bab90faf6e446394eb1033ff7b205fd59e
-
SSDEEP
12288:qkaQHdKLpn6gFkVauuUiXcLaFWKWVs/GOgMoYlI:naQHdKRFk8UiXcEWKWM7gMoY+
Behavioral task
behavioral1
Sample
f6f7e0629f0d107248d39ad75f1226c83320b4fd45f325bf982055ef2c69e050.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
f6f7e0629f0d107248d39ad75f1226c83320b4fd45f325bf982055ef2c69e050
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-