Overview

overview

10

Static

static

10

9938c5a2dd...3N.exe

windows7-x64

10

9938c5a2dd...3N.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    9938c5a2ddebcb5479103529063a26479baf35c4bc9aac726e87a3fa0e1400d3N

  • Size

    80KB

  • Sample

    241013-tgyq1avdmc

  • MD5

    89d4d02b8c000bde9acdff2cc2a4a680

  • SHA1

    c02bbea5a2cdb88f9e1763d5596394645bcdf457

  • SHA256

    9938c5a2ddebcb5479103529063a26479baf35c4bc9aac726e87a3fa0e1400d3

  • SHA512

    74272a97f979ff877fe11e4810e9bb792d10aa13c69e041605eb151e062720b8af210316e083186399004196785c1a2633dc7e92db5c4fac11977a03e9c8c3ed

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshyjzJxuOmb54vHTL+lf:Qi5ikFSofPzVmb5uHv+lf

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      9938c5a2ddebcb5479103529063a26479baf35c4bc9aac726e87a3fa0e1400d3N

    • Size

      80KB

    • MD5

      89d4d02b8c000bde9acdff2cc2a4a680

    • SHA1

      c02bbea5a2cdb88f9e1763d5596394645bcdf457

    • SHA256

      9938c5a2ddebcb5479103529063a26479baf35c4bc9aac726e87a3fa0e1400d3

    • SHA512

      74272a97f979ff877fe11e4810e9bb792d10aa13c69e041605eb151e062720b8af210316e083186399004196785c1a2633dc7e92db5c4fac11977a03e9c8c3ed

    • SSDEEP

      1536:QPvK/3zvzVJJicVLhilofshyjzJxuOmb54vHTL+lf:Qi5ikFSofPzVmb5uHv+lf

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks