Overview

overview

10

Static

static

10

1da0f0942a...2N.exe

windows7-x64

10

1da0f0942a...2N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1da0f0942a724175598b49fca98d9712c62a1c12d51f93f48266e6cfa7c8e212N

  • Size

    80KB

  • Sample

    241014-xbvnyatgmn

  • MD5

    6cef4ea2e723ac05e24e3ceb76fabd50

  • SHA1

    7657bd3be6b0f14cc85ea0304be672a4c38f2a7f

  • SHA256

    1da0f0942a724175598b49fca98d9712c62a1c12d51f93f48266e6cfa7c8e212

  • SHA512

    edbde0e7c00f4a578f8e5d394ce8a3b6c5793f8e469731202f8e26f6836f28e56c87a571f1d5c44b644d5112ddc9db08b3e97637d3806c2b76f2e37baa6732d4

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshUjzJxuOmb54vHTL+lf:Qi5ikFSofxzVmb5uHv+lf

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      1da0f0942a724175598b49fca98d9712c62a1c12d51f93f48266e6cfa7c8e212N

    • Size

      80KB

    • MD5

      6cef4ea2e723ac05e24e3ceb76fabd50

    • SHA1

      7657bd3be6b0f14cc85ea0304be672a4c38f2a7f

    • SHA256

      1da0f0942a724175598b49fca98d9712c62a1c12d51f93f48266e6cfa7c8e212

    • SHA512

      edbde0e7c00f4a578f8e5d394ce8a3b6c5793f8e469731202f8e26f6836f28e56c87a571f1d5c44b644d5112ddc9db08b3e97637d3806c2b76f2e37baa6732d4

    • SSDEEP

      1536:QPvK/3zvzVJJicVLhilofshUjzJxuOmb54vHTL+lf:Qi5ikFSofxzVmb5uHv+lf

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks