General
-
Target
b74fb1e2d98a6571996728e61309ea9ff7f74107798e9336190d8f08a1e43b91
-
Size
2.0MB
-
Sample
240526-mkm1cafh63
-
MD5
91e79eb94adfd8eb06b9700fac3fe29e
-
SHA1
40050fd16b571a2c13db055a2cf083194952f094
-
SHA256
b74fb1e2d98a6571996728e61309ea9ff7f74107798e9336190d8f08a1e43b91
-
SHA512
96e3981ce30c3a8d36afd4714be91c267933cf0a28a4344f4916bb80c7cee26e6554a40299a6bdedd38d6a6f08543a4766280c71f4d4f549154974beeda1c6ae
-
SSDEEP
49152:iCdfr4mv+IzkEA3sG43+gtglo3b1kGbyS+xoI99FtA:iCdfr4mv+IzlZOgtDVMT7
Static task
static1
Behavioral task
behavioral1
Sample
b74fb1e2d98a6571996728e61309ea9ff7f74107798e9336190d8f08a1e43b91.dll
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
b74fb1e2d98a6571996728e61309ea9ff7f74107798e9336190d8f08a1e43b91.dll
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
b74fb1e2d98a6571996728e61309ea9ff7f74107798e9336190d8f08a1e43b91
-
Size
2.0MB
-
MD5
91e79eb94adfd8eb06b9700fac3fe29e
-
SHA1
40050fd16b571a2c13db055a2cf083194952f094
-
SHA256
b74fb1e2d98a6571996728e61309ea9ff7f74107798e9336190d8f08a1e43b91
-
SHA512
96e3981ce30c3a8d36afd4714be91c267933cf0a28a4344f4916bb80c7cee26e6554a40299a6bdedd38d6a6f08543a4766280c71f4d4f549154974beeda1c6ae
-
SSDEEP
49152:iCdfr4mv+IzkEA3sG43+gtglo3b1kGbyS+xoI99FtA:iCdfr4mv+IzlZOgtDVMT7
Score10/10-
Detect Blackmoon payload
-
Blocklisted process makes network request
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-