blacknet | 471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3a

Analysis

max time kernel
120s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20/10/2024, 00:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
Size

83KB
MD5

a2f816af643cc1fec1ff696e0fea0350
SHA1

4779d60ffd6f778c37e16f911a962af9a7d6cfe9
SHA256

471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3a
SHA512

ed1e32fd18dc6f2132ffb83cb0ff66a940b69560e9c27229953eaee3ece6b4fe986965fc9369c129859738045b0312ea41398be762b073ba0fffcea411dd0a2b
SSDEEP

1536:PwPvK/3zvzVohd9BRiF/JUojzJxuOmb54vHTLazm7/:PwiGDjiVTzVmb5uHvmm7/

Score

10^/10

blacknet trojan

Malware Config

Signatures

BlackNET
BlackNET is an open source remote access tool written in VB.NET.
trojan blacknet

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1260	471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe

C:\Users\Admin\AppData\Local\Temp\471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe
"C:\Users\Admin\AppData\Local\Temp\471e800ccaa5f6bc544c322688aac05c7efc670ec734d83a6fbf6d159a3f7d3aN.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1260-0-0x00007FFC732A5000-0x00007FFC732A6000-memory.dmp

Filesize
4KB

Download
memory/1260-1-0x000000001B610000-0x000000001B6B6000-memory.dmp

Filesize
664KB

Download
memory/1260-2-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-3-0x000000001BC00000-0x000000001C0CE000-memory.dmp

Filesize
4.8MB

Download
memory/1260-4-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-5-0x000000001C180000-0x000000001C21C000-memory.dmp

Filesize
624KB

Download
memory/1260-7-0x000000001C2E0000-0x000000001C32C000-memory.dmp

Filesize
304KB

Download
memory/1260-6-0x0000000001010000-0x0000000001018000-memory.dmp

Filesize
32KB

Download
memory/1260-8-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-9-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-10-0x000000001D2E0000-0x000000001D342000-memory.dmp

Filesize
392KB

Download
memory/1260-11-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-13-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-12-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-14-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-15-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-16-0x00007FFC732A5000-0x00007FFC732A6000-memory.dmp

Filesize
4KB

Download
memory/1260-17-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-18-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-19-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-20-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-21-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-22-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-23-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-24-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-25-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-26-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-27-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-28-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-29-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-31-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-30-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-32-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-33-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-34-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-35-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-36-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-37-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-38-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-39-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-40-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-41-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-42-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-43-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-44-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-45-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-46-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-47-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-48-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-49-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-50-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-51-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-52-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-53-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-54-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-55-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-56-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-57-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-58-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-59-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-60-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-61-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-62-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-63-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-64-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-65-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-66-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-67-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-68-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-69-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-70-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-71-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-72-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-73-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-74-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-75-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-76-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-77-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-78-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-79-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-80-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-81-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-82-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-83-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-84-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-85-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-86-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-87-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-88-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-89-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-90-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-91-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-92-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-93-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-94-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download
memory/1260-95-0x00007FFC72FF0000-0x00007FFC73991000-memory.dmp

Filesize
9.6MB

Download