General
-
Target
30c3067f523ed3123a9fa0c1ee4d209d5cd5770d0c1607e192d03455cc04a47d
-
Size
9.1MB
-
Sample
240524-gbnmmafc58
-
MD5
1d210391c6bc1cd255b5e426bdf2c98c
-
SHA1
9c66ec96462385bfdf4a53269a771e58e9c32251
-
SHA256
30c3067f523ed3123a9fa0c1ee4d209d5cd5770d0c1607e192d03455cc04a47d
-
SHA512
0ad95eddea508abb1858c30483047e4dcfc045b55946e067d1f29a8c45ec7769cd255773a36906800b0cd3df51fefc229830917df9acef6fd0f7befcb2779e67
-
SSDEEP
196608:wbsJGqjBpDyHl+rFeyaxJrbvAFTKlOcnIq/GxApza7Wl0WWy/wa2X3iow29UclX3:wbgjBFyl+rg/bkt0nBGe07Wsiow29UcR
Behavioral task
behavioral1
Sample
30c3067f523ed3123a9fa0c1ee4d209d5cd5770d0c1607e192d03455cc04a47d.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
30c3067f523ed3123a9fa0c1ee4d209d5cd5770d0c1607e192d03455cc04a47d
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-