blackmoon | c5a29f0a72d08834fbd2ebb663d733c061bd14095d2faa9daa6f7b10be7b0d7a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c5a29f0a72d08834fbd2ebb663d733c061bd14095d2faa9daa6f7b10be7b0d7a
Size

15.6MB
Sample

240828-yst96stbng
MD5

48934e27dabe8827d4d6f18513be15f1
SHA1

4822af750c2e3d5446bfcbb38be921abdcfcf758
SHA256

c5a29f0a72d08834fbd2ebb663d733c061bd14095d2faa9daa6f7b10be7b0d7a
SHA512

8bae658afde132d58eaf80cb1f4d9a5b6bdb49e7093d33633c927ab98209b2dc43a4d54571192a3991e65a6e7bf4913e50e7d4ce8219a1109cab94c2d8484222
SSDEEP

393216:Xt4PlGCqfSTA/FdouR8W4EZ6MRQ5vSW3SGT9ctNp:0wxfddouRz4EZ/GqqxctD

Score

10^/10

blackmoon discovery

Malware Config

Targets

- Target
  
  YY语音.exe
- Size
  
  18.6MB
- MD5
  
  f0f36cbcfb5ee0945b5a914f44147956
- SHA1
  
  5d840abd671d8e4426168771b23e3cda98e67d41
- SHA256
  
  5a46c5f8d7412eadf0f20f1b175a1e084b556e68c3986942bd3aa64752b6f47a
- SHA512
  
  52e68a0d98571d36e2430a9ed21f73fdfced41fa5cb71bae3b56257826c2b94933bf961e98bf3efac412fd6a7a58a2576ef30bf81182b09accc1d6ae06bc4990
- SSDEEP
  
  393216:bqwMUFn3jd9SES+dtnmbzQST+vQcGBM9mjOoWr:+wht5tddtnCsQSQc/mja
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2