Description	Indicator	Process	Target
N/A	N/A	C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe	N/A
N/A	N/A	C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe	N/A

Processes

C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe

"C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-14 07:43

Reported

2024-06-14 07:45

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

51s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe"

Signatures

Reads user/profile data of web browsers

spyware stealer

Suspicious use of SetWindowsHookEx

Description	Indicator	Process	Target
N/A	N/A	C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe	N/A
N/A	N/A	C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe	N/A

Processes

C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe

"C:\Users\Admin\AppData\Local\Temp\a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23.exe"

Network

Country	Destination	Domain	Proto
US	8.8.8.8:53	8.8.8.8.in-addr.arpa	udp

Files

N/A

Sample ID	240614-jj97psvamp
Target	a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23
SHA256	a415df2634837cbbe0c0e4d4a4cfdaf04090571ebdf3a538c7e3a3f463edcb23
Tags	blackmoon spyware stealer

Malware Analysis Report

2024-09-11 16:59

Table of Contents

Analysis Overview

Threat Level: Known bad

Malicious Activity Summary

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files