Overview

overview

10

Static

static

10

821b89cff2...a1.exe

windows7-x64

10

821b89cff2...a1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    821b89cff2bee107acb9565ce0e4801a0c3cd7e666e13bd7e0d11d99348ae2a1

  • Size

    80KB

  • Sample

    241010-3ck4sascld

  • MD5

    6c4dae2c3cdca7a0f6e99a79843f9c52

  • SHA1

    fb34809f2f29270c300d9e424d6e89d2ba7ab2aa

  • SHA256

    821b89cff2bee107acb9565ce0e4801a0c3cd7e666e13bd7e0d11d99348ae2a1

  • SHA512

    bb44166950f273318ab8e3656f51d31fdb549a507e8dae26715151d0bbdfdcb1fa52c0367de6b70088e33837b0df85e6695ec993c4d0f4b8439da6dd6eeeb706

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshFjzJxuOmb54vHTL+lf:Qi5ikFSofWzVmb5uHv+lf

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      821b89cff2bee107acb9565ce0e4801a0c3cd7e666e13bd7e0d11d99348ae2a1

    • Size

      80KB

    • MD5

      6c4dae2c3cdca7a0f6e99a79843f9c52

    • SHA1

      fb34809f2f29270c300d9e424d6e89d2ba7ab2aa

    • SHA256

      821b89cff2bee107acb9565ce0e4801a0c3cd7e666e13bd7e0d11d99348ae2a1

    • SHA512

      bb44166950f273318ab8e3656f51d31fdb549a507e8dae26715151d0bbdfdcb1fa52c0367de6b70088e33837b0df85e6695ec993c4d0f4b8439da6dd6eeeb706

    • SSDEEP

      1536:QPvK/3zvzVJJicVLhilofshFjzJxuOmb54vHTL+lf:Qi5ikFSofWzVmb5uHv+lf

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks