General
-
Target
4cc104acecede94686c15cfd1abf325133da18c638871e5531130eb6d3f066ac
-
Size
10.9MB
-
Sample
240526-fn33eagf46
-
MD5
8f008ebc1ce9bfdd918b4455c717f5e4
-
SHA1
252f16cba0c69717ba78d2628dcb8ac9fa234261
-
SHA256
4cc104acecede94686c15cfd1abf325133da18c638871e5531130eb6d3f066ac
-
SHA512
15c16da7df80433b55c06de895f37423f966701f7e8e0d6aba119f00d82ba077ce8aa4c9b09d134bfe1b59295563e81bbe9db866b1e93ed688583031fd4be72e
-
SSDEEP
196608:elRs+agtY9r6ZQDI61GkNriIV4Sxx+B5Koqcmo8ob13VOXxVOX:aRs+FXv6knIV4S6A+
Static task
static1
Behavioral task
behavioral1
Sample
4cc104acecede94686c15cfd1abf325133da18c638871e5531130eb6d3f066ac.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
4cc104acecede94686c15cfd1abf325133da18c638871e5531130eb6d3f066ac
-
Detect Blackmoon payload
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-