blackmoon | bde1c241d2aa1df3bd8c407e2c800708e82f38de87838eebb9bbf5b0542b446c | Triage

Sharing

General

Target

9fd7f8024497d6bcd02ec9d8b1dafc67_JaffaCakes118
Size

3.2MB
Sample

241126-e686ps1mhm
MD5

9fd7f8024497d6bcd02ec9d8b1dafc67
SHA1

9574924bf1a3fe904dd71686822f3b8583eb06cc
SHA256

bde1c241d2aa1df3bd8c407e2c800708e82f38de87838eebb9bbf5b0542b446c
SHA512

81f80228cb1e2ad327e1a6f15eb96fa236c1320eedb93362ab2fec69cdaf55fde948e91d02b04d181ed8db636a9d2f8481fc29cd256820bd09905b5b33d2d2a6
SSDEEP

98304:uCZ4a/W1ZIx8ycgSXgvqrkAo3dN25j/6+D:uo/W1ZIx8/bXgC2k

Score

10^/10

blackmoon discovery

Malware Config

Targets

- Target
  
  HDDRegenerator2013/BORLNDMM.DLL
- Size
  
  29KB
- MD5
  
  f585e57ef674643e2aefbda6debe2854
- SHA1
  
  abf65042408088ab4f36a2d2834004ff7979285e
- SHA256
  
  234114dfdeac2f382cd50611b1f449395a6ce83ccb3d028ef64263c465df7b6a
- SHA512
  
  eeba42c0f6e2d2d61c54a539317285aac8aa6cafc1657a7bf4ddd826e5dabd7b8410eaaa52e0b45871014b7410b53a211c37b51bfc38d159e291ae5521b18a29
- SSDEEP
  
  768:J2D8hqY8/ija+1I5GDLsmgWHEEyJRmu/ija+1InLZl0PNvOLRO:J2D8s8PJ7yTDZl0FvOLRO
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  HDDRegenerator2013/CC3280MT.DLL
- Size
  
  721KB
- MD5
  
  bfd9a3ceb66b0d3a651114a06c670e86
- SHA1
  
  e5afb1e21fb4c8916e1f571696ab5587ccde0dec
- SHA256
  
  a21078f4cf335dd958323266e00f49fe20d43455cef96ee581966f51f246e35e
- SHA512
  
  8d89b7d03e0445b46705239916bd90ca0685b2ddd8b13ca850f4dd8503dc004a1e77224cf9ebb1d715ad5edb4200e8d6dada9a23aa5fbd2d9a3178129e6513a0
- SSDEEP
  
  12288:iODADEaNnj0IUnHxPf2id2gK7b86mCGNNcLgLLS5uaBZrrk+WG:iOD6EaNnwx32idW74FNzdS5usZoG
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  HDDRegenerator2013/HDD Regenerator.dll
- Size
  
  793KB
- MD5
  
  62768b182eaf13ff816529d9ae924210
- SHA1
  
  766dbe02e25b95cd08f024749c1478db07612626
- SHA256
  
  1489d8e3cbe7b310b2aefa9875e02ead0cb1264566c006fbc543bea8a8392b4b
- SHA512
  
  c535f96ae20553b8b8d23028794e596f9c6ce20aa73cd05c6fccfa91dd80ca78e224cdaf6834ec9a5456ff513beb02f1b74c890a90cd912608f1fb42a142b218
- SSDEEP
  
  24576:gZ+2ryPclm3UJDjL3A7KPl1+7rMHaCfXE:Y+2r1NCYU
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  HDDRegenerator2013/Purchase.exe
- Size
  
  443KB
- MD5
  
  a98fc2f4bfba63ec207d14e8d9fa0176
- SHA1
  
  5b730205389668796ff7dce591979cbeaf544544
- SHA256
  
  2d7e407fb336df7a5b1f97b8860f96039615be4d6fe7311067c5b1fde71324f7
- SHA512
  
  422838a0fd2eedbaecbe10287a3ce13c3023f15746ce915b37d1df89210f73565e636ad386e8d4f1b5ff484d1c32b73569a50c1a97fee97280f24eb33a5ce0d0
- SSDEEP
  
  12288:B/nyVWXXdxPgSqNE4QbJPIIVsB8wJvxoZSPa+c35dOWpE/:B/nyVWXXdxPgSqNEtRIbFJvxKSP5qdOB
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  HDDRegenerator2013/WindowsShell.dll
- Size
  
  33KB
- MD5
  
  9945257306aa0d217a24fc61d2d6ab66
- SHA1
  
  1b5ad299b6b898f6a23c8e1fcdf1c05c13c122be
- SHA256
  
  774feaa5a966b34602aeb0a3d584e58c983fa04314a09f349e51e6af6d8fff72
- SHA512
  
  3b658c7f8431b8b7fa75905e97267ce3509cf6f52d938be2019638e877a98e39d63446af32524b6ee69fae338d7c628071ade0c0129c0c15cff6e4351d1ab547
- SSDEEP
  
  384:Z+FTblDZrcd2PEuE8l3UEZv5cLvdFshAGglGN+1nu6EDHvuk94NF8LnOjE3l8T:ZsdPuE15cLvLshN4wmnTEDCQLnOjB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  HDDRegenerator2013/eSellerateControl365.dll
- Size
  
  92KB
- MD5
  
  a40b0b3979b5cd056109187570987696
- SHA1
  
  71b1807b70654a664bf90bccd0a3e0f1ceba1738
- SHA256
  
  9e1cfa369f2a8ecc9e0ba3b9f11c139e93c1688f50810665cbf9bb79a17bdf76
- SHA512
  
  6002eedf78eef369846a3c16b49a77a9bff803701ca60c80a802af1ecdfc7f03af5e053ba351644c57acec5eae7ca43db66074796ed21cf3d2fb1b015b7099f5
- SSDEEP
  
  1536:deSoHg4tWm5CEa2Pf+mkTRN8nwO0eHmWRL205B+2soeUV0tU2i54:dig4tWm5C4P2n8wrx/Q+2soeUV0tU2iu
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  HDDRegenerator2013/hddreg.exe
- Size
  
  1.3MB
- MD5
  
  8eab84daabb3c386356d63ae2d42a9e9
- SHA1
  
  5d6c326c6d04426b50f6ca062da95ef67f835b31
- SHA256
  
  424e167aa65003556cb88409651aa91b98eb233aaf37ed98fd3985cc269c146b
- SHA512
  
  04f5828664de4ac6361dff71832246bd5e99d4e60e14ba087501600983df70fb0b94970fdb2c8855042f03335d19feac19e664646ea8bc3f22aaa6323982a728
- SSDEEP
  
  24576:gpvZStOfYRTrujsKqhl39YOQ74AoKcLX4C5+NdULuXPnhtMJBHUUs:gBZtYRTq5q83oXL7eguP/QB0Us
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral13 behavioral14
- Target
  
  HDDRegenerator2013/硬盘再生器.exe
- Size
  
  2.4MB
- MD5
  
  377842c273939f270129a276b8010ec6
- SHA1
  
  0847787634bdc1147d5d890aee5800f65a039efe
- SHA256
  
  ba61d26c61a41750dc0601aa4f9c3478d91059b6d515dc031b5d30f7038df012
- SHA512
  
  97d65824167112170eb81fecdf0aab448139078f18a3ca9d44634a2347bcb1b5091d7a59d82a6aa32d142b18b9f6cbd8d8787ce37b02993eccc383727c05387d
- SSDEEP
  
  49152:aI/V4F0WVGA+uCJWnwVuDt8Kx5fpxIqQ:mdGIpl5hxIl
Score

4^/10

discovery
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16