General

  • Target

    33ce2ea80bbfc03e8f37df29f47dd587d2a63d2fe143fa027aaf0c34ff9d72daN

  • Size

    80KB

  • Sample

    241015-mpc1yatdrm

  • MD5

    8fbae17190f551890efc63e5d8a72380

  • SHA1

    5f10ee501623c3f753a3bd3fe8d5e295db2e6dcc

  • SHA256

    33ce2ea80bbfc03e8f37df29f47dd587d2a63d2fe143fa027aaf0c34ff9d72da

  • SHA512

    499200c061603f3fce8f6ca6e164b27315733649d4a5e7cedf3eef0f48bf2056d6d0df90191f65e7474cd3a696bffbb7832447f907b72e421aed512c3bde3ccd

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofsh8jzJxuOmb54vHTL+lf:Qi5ikFSofxzVmb5uHv+lf

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    Score
    10/10
    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification
