Overview

overview

10

Static

static

10

ea3d0b2dcb...2N.exe

windows7-x64

10

ea3d0b2dcb...2N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea3d0b2dcb6f0c91e1a2d5302f5ba3c7f363ee2faf4c7e67e4037dab54e440b2N

  • Size

    80KB

  • Sample

    241013-ndwjkstdjd

  • MD5

    6a35ade43a69f5ea50e608328bac9700

  • SHA1

    a1175bc4718c53f0cd9726926d8c579322005d28

  • SHA256

    ea3d0b2dcb6f0c91e1a2d5302f5ba3c7f363ee2faf4c7e67e4037dab54e440b2

  • SHA512

    09896df4ee51e0c7bb681848e7ef5c7ac6c299e5bcda9365a00e6df91130a5d3e646aafd53887c6d8ea6f00c80f9ce95ce7958f9ccbd16b59be3e1f7de1dae50

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshMjzJxuOmb54vHTL+lf:Qi5ikFSoflzVmb5uHv+lf

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      ea3d0b2dcb6f0c91e1a2d5302f5ba3c7f363ee2faf4c7e67e4037dab54e440b2N

    • Size

      80KB

    • MD5

      6a35ade43a69f5ea50e608328bac9700

    • SHA1

      a1175bc4718c53f0cd9726926d8c579322005d28

    • SHA256

      ea3d0b2dcb6f0c91e1a2d5302f5ba3c7f363ee2faf4c7e67e4037dab54e440b2

    • SHA512

      09896df4ee51e0c7bb681848e7ef5c7ac6c299e5bcda9365a00e6df91130a5d3e646aafd53887c6d8ea6f00c80f9ce95ce7958f9ccbd16b59be3e1f7de1dae50

    • SSDEEP

      1536:QPvK/3zvzVJJicVLhilofshMjzJxuOmb54vHTL+lf:Qi5ikFSoflzVmb5uHv+lf

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks