General

  • Target

    e240bd56d3eb7b12f12ec08a12159b387abf5d7fa94b3731a4d93962322b2739N

  • Size

    80KB

  • Sample

    241016-2ddknazdrn

  • MD5

    a10933d2b4a666750d84443bf6ab7470

  • SHA1

    8ef90f5b975f6f8f55fb610218e1d2ad21e778ff

  • SHA256

    e240bd56d3eb7b12f12ec08a12159b387abf5d7fa94b3731a4d93962322b2739

  • SHA512

    5c78ea9d29a7e12a344ed76c6d7286737416e5fb0a69059b26443bac72fc09a3f1bcfbefd3ce5bb98f75f021d6b989a9c6f7b64f651c5cd9d8a4d4188e0693f8

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshVjzJxuOmb54vHTL+lf:Qi5ikFSofCzVmb5uHv+lf

Malware Config

Extracted

  • Family

    blacknet

  • Botnet

    HacKed

  • C2

    https://www.gunnylaumienphi2017.com/

  • Mutex

    BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      e240bd56d3eb7b12f12ec08a12159b387abf5d7fa94b3731a4d93962322b2739N


    Score
    10/10
    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification
