blacknet | d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6ad

Analysis

max time kernel
120s
max time network
106s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
18-10-2024 07:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
Size

83KB
MD5

5ca7735ec7c6ec2c7d582d6e780cdd30
SHA1

d15493ac49a6160fb5a7757e1f4f9821df9101d8
SHA256

d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6ad
SHA512

e6399f38ee0c7230f88e9bae97b9806e6304e462f7c10f6fa148d66704572b8dbee0f0df6b196518d289b31b4f0669a76e16179a98a7b23d3454793d92147138
SSDEEP

1536:PwPvK/3zvzVohd9BRiF/JUvjzJxuOmb54vHTLazm7/:PwiGDjiV6zVmb5uHvmm7/

Score

10^/10

blacknet trojan

Malware Config

Signatures

BlackNET
BlackNET is an open source remote access tool written in VB.NET.
trojan blacknet

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe

pid	Process
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe

description	pid	Process
Token: SeDebugPrivilege	4852	d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe

C:\Users\Admin\AppData\Local\Temp\d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe
"C:\Users\Admin\AppData\Local\Temp\d80c2727a34639703abccfff6aed67514936d983b8aad5f2db08606dea86a6adN.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4852-0-0x00007FF92A335000-0x00007FF92A336000-memory.dmp

Filesize
4KB

Download
memory/4852-1-0x000000001B3B0000-0x000000001B456000-memory.dmp

Filesize
664KB

Download
memory/4852-2-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-3-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-4-0x000000001B930000-0x000000001BDFE000-memory.dmp

Filesize
4.8MB

Download
memory/4852-5-0x000000001BF00000-0x000000001BF9C000-memory.dmp

Filesize
624KB

Download
memory/4852-6-0x0000000000B90000-0x0000000000B98000-memory.dmp

Filesize
32KB

Download
memory/4852-7-0x000000001C060000-0x000000001C0AC000-memory.dmp

Filesize
304KB

Download
memory/4852-8-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-9-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-10-0x000000001F210000-0x000000001F272000-memory.dmp

Filesize
392KB

Download
memory/4852-11-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-12-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-13-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-14-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-15-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-16-0x00007FF92A335000-0x00007FF92A336000-memory.dmp

Filesize
4KB

Download
memory/4852-17-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-18-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-19-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-20-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-21-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-22-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-23-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-24-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-25-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-26-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-27-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-28-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-29-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-30-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-31-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-32-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-33-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-34-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-35-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-36-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-37-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-38-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-39-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-40-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-41-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-42-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-43-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-44-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-45-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-46-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-47-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-48-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-49-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-50-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-52-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-51-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-53-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-54-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-55-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-56-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-57-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-58-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-59-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-60-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-61-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-62-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-63-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-64-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-65-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-66-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-67-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-68-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-69-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-70-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-71-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-72-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-73-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-74-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-75-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-76-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-77-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-79-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-78-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-80-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-81-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-82-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-83-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-84-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-85-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-86-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-87-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-88-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-89-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-90-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-91-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-92-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-93-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-94-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download
memory/4852-95-0x00007FF92A080000-0x00007FF92AA21000-memory.dmp

Filesize
9.6MB

Download