Overview

overview

10

Static

static

10

974d6280bd...8N.exe

windows7-x64

10

974d6280bd...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8N

  • Size

    80KB

  • Sample

    241019-qng52syamh

  • MD5

    53dcd939c8c50f8cd266ad70473e0b80

  • SHA1

    f2d37fd70ff2622f48f3fa6545c09c4f34ad2bc3

  • SHA256

    974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8

  • SHA512

    01e21f478ccde57e36e194586e71ca18efcf358048041d0d50fa45ed889a75725559667e198084561e4289e1cfec8e581c8d719e70bc86a5e6570abad1b0cfd4

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshDjzJxuOmb54vHTL+lf:Qi5ikFSofozVmb5uHv+lf

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8N

    • Size

      80KB

    • MD5

      53dcd939c8c50f8cd266ad70473e0b80

    • SHA1

      f2d37fd70ff2622f48f3fa6545c09c4f34ad2bc3

    • SHA256

      974d6280bdfd921ab6f1b7a1b0f82f7b6a0005a922cce49362d0762d929e34c8

    • SHA512

      01e21f478ccde57e36e194586e71ca18efcf358048041d0d50fa45ed889a75725559667e198084561e4289e1cfec8e581c8d719e70bc86a5e6570abad1b0cfd4

    • SSDEEP

      1536:QPvK/3zvzVJJicVLhilofshDjzJxuOmb54vHTL+lf:Qi5ikFSofozVmb5uHv+lf

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks