Overview

overview

10

Static

static

10

ceab4967a2...eN.exe

windows7-x64

10

ceab4967a2...eN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ceab4967a272a1b6d60c80839552cc263429c58bf7775802621e041717672a1eN

  • Size

    80KB

  • Sample

    241022-nmb7asvcpn

  • MD5

    5bb60a59f920ef747f7e44423140a4d0

  • SHA1

    3d7bedd6b91f375794bd55450b38083e279be53f

  • SHA256

    ceab4967a272a1b6d60c80839552cc263429c58bf7775802621e041717672a1e

  • SHA512

    a03e5f0c6ad3f6e4d15b0e77bfb39aba9b2873c805fc2d13790a3732324eddea4e7a43af0fbd7605ffc1810efb1cd2082ce0aec01b1fa3481042b47230618dbd

  • SSDEEP

    1536:QPvK/3zvzVJJicVLhilofshHjzJxuOmb54vHTL+lf:Qi5ikFSofQzVmb5uHv+lf

Score
10/10
blacknethackedevasiontrojan

Malware Config

Extracted

Family

blacknet

Botnet

HacKed

C2

https://www.gunnylaumienphi2017.com/

Mutex

BN[qNldZlCR-8683277]

Attributes
  • antivm

    true

  • elevate_uac

    false

  • install_name

    WindowsUpdate.exe

  • splitter

    |BN|

  • start_name

    cde2f914e4cce7f13b2c1cec7b6da970

  • startup

    false

  • usb_spread

    true

Targets

    • Target

      ceab4967a272a1b6d60c80839552cc263429c58bf7775802621e041717672a1eN

    • Size

      80KB

    • MD5

      5bb60a59f920ef747f7e44423140a4d0

    • SHA1

      3d7bedd6b91f375794bd55450b38083e279be53f

    • SHA256

      ceab4967a272a1b6d60c80839552cc263429c58bf7775802621e041717672a1e

    • SHA512

      a03e5f0c6ad3f6e4d15b0e77bfb39aba9b2873c805fc2d13790a3732324eddea4e7a43af0fbd7605ffc1810efb1cd2082ce0aec01b1fa3481042b47230618dbd

    • SSDEEP

      1536:QPvK/3zvzVJJicVLhilofshHjzJxuOmb54vHTL+lf:Qi5ikFSofQzVmb5uHv+lf

    Score
    10/10
    blacknetevasiontrojan

    • BlackNET

      BlackNET is an open source remote access tool written in VB.NET.

      trojanblacknet

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security modification

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks