General
-
Target
60f853180a79a596f490b01c554832dac7f2e469a94d8a213b1e5452c1e49d5b.exe
-
Size
4.7MB
-
Sample
240524-nnyrpafc86
-
MD5
e8d2018514da477fc1c3e218a24125d6
-
SHA1
6d7cfc49bb0929c2eb0f4028fe97983b876516cc
-
SHA256
60f853180a79a596f490b01c554832dac7f2e469a94d8a213b1e5452c1e49d5b
-
SHA512
98446881984402431b960ae7bd4faa1c420b5e2c0ebca2bb1bba01e070fc314884ce97b690f7211da76b3baabb17c1a4e773c63168bc97fbe38339babc68f303
-
SSDEEP
98304:ABTTPtxvAOlouIZdRytp5UJ8rA9s9o36B:rHm2J8rACn
Static task
static1
Behavioral task
behavioral1
Sample
60f853180a79a596f490b01c554832dac7f2e469a94d8a213b1e5452c1e49d5b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
60f853180a79a596f490b01c554832dac7f2e469a94d8a213b1e5452c1e49d5b.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
60f853180a79a596f490b01c554832dac7f2e469a94d8a213b1e5452c1e49d5b.exe
-
Score
10/10
-
Detect Blackmoon payload
-
Adds policy Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-