blacknet | 3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2

Analysis

max time kernel
120s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-10-2024 02:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
Size

83KB
MD5

da4e0eb82862076ca649ae82e84870a0
SHA1

c8a90c5925407d1a3fff67a815f612c27a066dd7
SHA256

3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2
SHA512

4f3f57effcd59359119c2a586683b69d57900b5d222f860c671d7ff7e24fd1267cf527b9d0caa9435eee28ac5204541dc11d8d5d0b91c46c4215ffa47b636659
SSDEEP

1536:PwPvK/3zvzVohd9BRiF/JUijzJxuOmb54vHTLazm7/:PwiGDjiVpzVmb5uHvmm7/

Score

10^/10

blacknet trojan

Malware Config

Signatures

BlackNET
BlackNET is an open source remote access tool written in VB.NET.
trojan blacknet

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1064	3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe

C:\Users\Admin\AppData\Local\Temp\3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe
"C:\Users\Admin\AppData\Local\Temp\3ff2ffad0ad7277fadaa76e9423cba66fd8efe6a1fefd90d28c1fdbd25bbdeb2N.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1064-0-0x00007FFBC4C95000-0x00007FFBC4C96000-memory.dmp

Filesize
4KB

Download
memory/1064-1-0x000000001BE50000-0x000000001BEF6000-memory.dmp

Filesize
664KB

Download
memory/1064-2-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-3-0x000000001C3D0000-0x000000001C89E000-memory.dmp

Filesize
4.8MB

Download
memory/1064-4-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-5-0x000000001C9E0000-0x000000001CA7C000-memory.dmp

Filesize
624KB

Download
memory/1064-6-0x0000000001880000-0x0000000001888000-memory.dmp

Filesize
32KB

Download
memory/1064-7-0x000000001CB40000-0x000000001CB8C000-memory.dmp

Filesize
304KB

Download
memory/1064-8-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-9-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-10-0x000000001FC70000-0x000000001FCD2000-memory.dmp

Filesize
392KB

Download
memory/1064-11-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-12-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-13-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-14-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-15-0x00007FFBC4C95000-0x00007FFBC4C96000-memory.dmp

Filesize
4KB

Download
memory/1064-16-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-17-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-18-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-19-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-20-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-21-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-22-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-23-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-24-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-25-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-26-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-27-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-28-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-29-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-30-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-31-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-32-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-33-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-34-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-35-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-36-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-37-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-38-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-39-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-40-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-41-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-42-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-43-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-44-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-45-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-46-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-47-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-48-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-49-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-50-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-51-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-52-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-53-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-54-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-55-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-56-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-57-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-58-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-59-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-60-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-61-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-62-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-63-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-64-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-65-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-66-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-67-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-68-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-69-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-70-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-72-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-73-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-71-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-74-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-75-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-76-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-77-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-78-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-79-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-80-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-81-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-82-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-83-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-85-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-84-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-86-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-87-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-88-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-89-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-90-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-91-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-92-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-93-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-94-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download
memory/1064-95-0x00007FFBC49E0000-0x00007FFBC5381000-memory.dmp

Filesize
9.6MB

Download