General

  • Target

    974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8N

  • Size

    80KB

  • Sample

    241019-qng52syamh

  • MD5

    53dcd939c8c50f8cd266ad70473e0b80

  • SHA1

    f2d37fd70ff2622f48f3fa6545c09c4f34ad2bc3

  • SHA256

    974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8

  • SHA512

    01e21f478ccde57e36e194586e71ca18efcf358048041d0d50fa45ed889a75725559667e198084561e4289e1cfec8e581c8d719e70bc86a5e6570abad1b0cfd4

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshDjzJxuOmb54vHTL+lf:Qi5ikFSofozVmb5uHv+lf

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8N

    • Size

      80KB


    Score
    10/10
    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

    • Modifies Windows Defender Real-time Protection settings

    • Windows security modification

MITRE ATT&CK Enterprise v15

Tasks
