blacknet | cecb31cf6a9bde154c2a3e37cf074ca33cbc8854f39ef54a2274cfc8aa0622ae | Triage

Sharing

General

Target

cecb31cf6a9bde154c2a3e37cf074ca33cbc8854f39ef54a2274cfc8aa0622ae
Size

80KB
Sample

241012-de23mstcnj
MD5

be9bbca962e0660f31c0bb31e3078ed9
SHA1

c45c084aee345f4e8a017a02eaa3df33655120aa
SHA256

cecb31cf6a9bde154c2a3e37cf074ca33cbc8854f39ef54a2274cfc8aa0622ae
SHA512

2f0db1b3d91853ddb889ce8e8de381a4cae2adfc27f5de99249d1845df2d4c02ada92efde01828d805e6f4f516ffe56acf061b18a98bd5ecf3e9aa3687521db9
SSDEEP

1536:QPvK/3zvzVJJicVLhilofshojzJxuOmb54vHTL+lf:Qi5ikFSof5zVmb5uHv+lf

Score

10^/10

blacknet hacked evasion trojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes

antivm
true
elevate_uac
false
install_name
WindowsUpdate.exe
splitter
|BN|
start_name
cde2f914e4cce7f13b2c1cec7b6da970
startup
false
usb_spread
true

Targets

- Target
  
  cecb31cf6a9bde154c2a3e37cf074ca33cbc8854f39ef54a2274cfc8aa0622ae
- Size
  
  80KB
- MD5
  
  be9bbca962e0660f31c0bb31e3078ed9
- SHA1
  
  c45c084aee345f4e8a017a02eaa3df33655120aa
- SHA256
  
  cecb31cf6a9bde154c2a3e37cf074ca33cbc8854f39ef54a2274cfc8aa0622ae
- SHA512
  
  2f0db1b3d91853ddb889ce8e8de381a4cae2adfc27f5de99249d1845df2d4c02ada92efde01828d805e6f4f516ffe56acf061b18a98bd5ecf3e9aa3687521db9
- SSDEEP
  
  1536:QPvK/3zvzVJJicVLhilofshojzJxuOmb54vHTL+lf:Qi5ikFSof5zVmb5uHv+lf
Score

10^/10

blacknet evasion trojan
- BlackNET
  BlackNET is an open source remote access tool written in VB.NET.
  trojan blacknet
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blacknetevasiontrojan

behavioral2

blacknetevasiontrojan