General
-
Target
f9a6f798a838f36329e963fe226d7b4db010dabd3c1a78427b58bc5f486ea896
-
Size
74KB
-
Sample
241110-e8bm8azfma
-
MD5
111ffdd7e36febe28e1e2eb6fb4ef3e0
-
SHA1
d1ef2d1a9f0ffa1b08871c45c4d6773c377e37f8
-
SHA256
f9a6f798a838f36329e963fe226d7b4db010dabd3c1a78427b58bc5f486ea896
-
SHA512
65e7c0fc4d5614fc41be51114a55feaacc94b365c85677bf9a6ea523b776594afd0d29c729ac555d3963a8878595ffc296bb18f84826f6402d72db2cbd2c7313
-
SSDEEP
1536:IyfIcT9U1tPrgQvhLopacl1TsQk0NJP/PAjgas/3VUN0YWZPnouy8G:VfIS2vhLoz5sQkqgjg1YWZfoutG
Behavioral task
behavioral1
Sample
f9a6f798a838f36329e963fe226d7b4db010dabd3c1a78427b58bc5f486ea896.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
f9a6f798a838f36329e963fe226d7b4db010dabd3c1a78427b58bc5f486ea896
-
Size
74KB
-
MD5
111ffdd7e36febe28e1e2eb6fb4ef3e0
-
SHA1
d1ef2d1a9f0ffa1b08871c45c4d6773c377e37f8
-
SHA256
f9a6f798a838f36329e963fe226d7b4db010dabd3c1a78427b58bc5f486ea896
-
SHA512
65e7c0fc4d5614fc41be51114a55feaacc94b365c85677bf9a6ea523b776594afd0d29c729ac555d3963a8878595ffc296bb18f84826f6402d72db2cbd2c7313
-
SSDEEP
1536:IyfIcT9U1tPrgQvhLopacl1TsQk0NJP/PAjgas/3VUN0YWZPnouy8G:VfIS2vhLoz5sQkqgjg1YWZfoutG
-
Blackmoon family
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-