General
-
Target
190c1d3d1f171e6475c118d162e632e40d8ca596d0cd30df1052a6398e6f4773
-
Size
80KB
-
Sample
241017-xm4qzstcqm
-
MD5
44ab132e64b8cda5ab2fdbc612e749c2
-
SHA1
27340bc4a07b75d4b126e5cb7a10a65e8cf27621
-
SHA256
190c1d3d1f171e6475c118d162e632e40d8ca596d0cd30df1052a6398e6f4773
-
SHA512
e8c7d3a620adb7ba2aa1b65b8bf5e8d31affc20373e6f794c0cc8943cbba0c129942c533b4c023a0a3550db5186076521b72f456aa689f3187a02e63bf0345d5
-
SSDEEP
1536:+VtjAKqURk0Ex/tIWLSYGc5cmFF+TTdGka2dQe5GrpXLaN:CN1qURFY/RLSO5cmFY9GMdKGN
Behavioral task
behavioral1
Sample
190c1d3d1f171e6475c118d162e632e40d8ca596d0cd30df1052a6398e6f4773.exe
Resource
win7-20241010-en
Malware Config
Targets
-
Target
190c1d3d1f171e6475c118d162e632e40d8ca596d0cd30df1052a6398e6f4773
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-