General
-
Target
2c25c74f6e95c83d05b38ff18490593a82ab252c81861637dc0a1bdeb2172b6e
-
Size
437KB
-
Sample
240524-ysqa8ahc8t
-
MD5
18d3cb423bfa0e317a2c0445ebbb42c9
-
SHA1
dd6f79916556fc50828e419f25e6a2cb627f5573
-
SHA256
2c25c74f6e95c83d05b38ff18490593a82ab252c81861637dc0a1bdeb2172b6e
-
SHA512
1ef4c736f52bb325d5cffb3624336f0b0bfa61833bfa34ac69cbbd9d5a1ccc5cdd8c618e60c15eeab4d5c5ad78bd2175aa3d71ec595d03d69dc1df25e81b81dd
-
SSDEEP
6144:5fweR7gpANB0sv2YYuwfDoOPV1x0GwYpk09RhyQ3ZmF:J1R7gpAwsuvDNP/xyqk09TyCcF
Behavioral task
behavioral1
Sample
2c25c74f6e95c83d05b38ff18490593a82ab252c81861637dc0a1bdeb2172b6e.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
2c25c74f6e95c83d05b38ff18490593a82ab252c81861637dc0a1bdeb2172b6e
-
Size
437KB
-
MD5
18d3cb423bfa0e317a2c0445ebbb42c9
-
SHA1
dd6f79916556fc50828e419f25e6a2cb627f5573
-
SHA256
2c25c74f6e95c83d05b38ff18490593a82ab252c81861637dc0a1bdeb2172b6e
-
SHA512
1ef4c736f52bb325d5cffb3624336f0b0bfa61833bfa34ac69cbbd9d5a1ccc5cdd8c618e60c15eeab4d5c5ad78bd2175aa3d71ec595d03d69dc1df25e81b81dd
-
SSDEEP
6144:5fweR7gpANB0sv2YYuwfDoOPV1x0GwYpk09RhyQ3ZmF:J1R7gpAwsuvDNP/xyqk09TyCcF
-
Detect Blackmoon payload
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-