blacknet | af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08ae

Analysis

max time kernel
120s
max time network
108s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-10-2024 11:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
Size

83KB
MD5

fd83dc4e29f96f031554c40e242e6010
SHA1

952eab265dbd17cb05bd93f8c4bc967cf4822d1b
SHA256

af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08ae
SHA512

fc2c412dcde43f3014445c4db7b50ee6323b430111c79c7889e82738304f8f75a7615cd56382960a6268a8a3bf0da0fd703ddc195c5b3ee3c5f294614a673550
SSDEEP

1536:PwPvK/3zvzVohd9BRiF/JUYjzJxuOmb54vHTLazm7/:PwiGDjiVvzVmb5uHvmm7/

Score

10^/10

blacknet trojan

Malware Config

Signatures

BlackNET
BlackNET is an open source remote access tool written in VB.NET.
trojan blacknet

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe

pid	process
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe

description pid process

Token: SeDebugPrivilege 736 af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe

description	pid	process
Token: SeDebugPrivilege	736	af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe

C:\Users\Admin\AppData\Local\Temp\af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe
"C:\Users\Admin\AppData\Local\Temp\af568cf603675379c46d15ab72037acb77a26d4014b80af455446960fc9f08aeN.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/736-0-0x00007FFB94315000-0x00007FFB94316000-memory.dmp

Filesize
4KB

Download
memory/736-1-0x000000001B860000-0x000000001B906000-memory.dmp

Filesize
664KB

Download
memory/736-2-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-3-0x000000001BE30000-0x000000001C2FE000-memory.dmp

Filesize
4.8MB

Download
memory/736-4-0x000000001C3C0000-0x000000001C45C000-memory.dmp

Filesize
624KB

Download
memory/736-5-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-6-0x0000000001240000-0x0000000001248000-memory.dmp

Filesize
32KB

Download
memory/736-7-0x000000001C520000-0x000000001C56C000-memory.dmp

Filesize
304KB

Download
memory/736-8-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-9-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-10-0x000000001F6D0000-0x000000001F732000-memory.dmp

Filesize
392KB

Download
memory/736-11-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-12-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-13-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-14-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-15-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-16-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-17-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-18-0x00007FFB94315000-0x00007FFB94316000-memory.dmp

Filesize
4KB

Download
memory/736-19-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-20-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-21-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-22-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-23-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-24-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-25-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-26-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-27-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-29-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-28-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-30-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-31-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-32-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-33-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-34-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-35-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-36-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-37-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-38-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-39-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-40-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-41-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-42-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-43-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-44-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-46-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-45-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-47-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-48-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-49-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-50-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-51-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-53-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-52-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-54-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-55-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-56-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-57-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-58-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-59-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-60-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-61-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-62-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-63-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-64-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-65-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-66-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-67-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-68-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-69-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-70-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-71-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-72-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-73-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-74-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-75-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-76-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-77-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-78-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-79-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-80-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-82-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-81-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-83-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-84-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-85-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-86-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-87-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-88-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-89-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-90-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-91-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-92-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-93-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-94-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download
memory/736-95-0x00007FFB94060000-0x00007FFB94A01000-memory.dmp

Filesize
9.6MB

Download