General
-
Target
06586b56e7c0c9c486d87624b50f32f16a350b30d8cff5c3c2ba1b77028a4b57
-
Size
2.5MB
-
Sample
241109-sl1kqawkbw
-
MD5
6c50bb178c8bfdd788ec9c693571369c
-
SHA1
2904044a4ac94f4446cd491f2b165c2b73971b1c
-
SHA256
06586b56e7c0c9c486d87624b50f32f16a350b30d8cff5c3c2ba1b77028a4b57
-
SHA512
84e075f6365a6a5c66a720b16fb19637f29874c4f78eb71f79e83486adff99b885fc3fdfa10ec5e09d84948135db4a55fa560e4ac26e00672e9507573f82c04e
-
SSDEEP
49152:OZ0v0xeSAURL9WxanWWN5YUwTKOcWWN5YUwTYQP:ow0xeSh7q
Behavioral task
behavioral1
Sample
06586b56e7c0c9c486d87624b50f32f16a350b30d8cff5c3c2ba1b77028a4b57.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06586b56e7c0c9c486d87624b50f32f16a350b30d8cff5c3c2ba1b77028a4b57.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
06586b56e7c0c9c486d87624b50f32f16a350b30d8cff5c3c2ba1b77028a4b57
-
Blackmoon family
-
Detect Blackmoon payload
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Drops file in System32 directory
-