General
-
Target
ef79533e643bb11424280d23b8270999c52cc226f409f72e972073f1adad7d2d
-
Size
314KB
-
Sample
241225-vdcvsszjhn
-
MD5
afee45b830be9fae35ebda722b801800
-
SHA1
2b49f9ed6ae2b0c36612d2267b58803bab96259e
-
SHA256
ef79533e643bb11424280d23b8270999c52cc226f409f72e972073f1adad7d2d
-
SHA512
d485dff2f4eda2c140e2ee87f3d048c3b78157c82ab746ca1704dcd7c38f67e98b42b6f31137ae6ef84a4c35b3cbe9d012977b62a7a2cd52ee80adfda5597862
-
SSDEEP
6144:PMivKqmiRqbQFI7tjBty1xYtwQYpk0iYCF+lq9177tGKBoudDeklV04E3:0kYbQFI7RPwk00rFekHLE
Behavioral task
behavioral1
Sample
ef79533e643bb11424280d23b8270999c52cc226f409f72e972073f1adad7d2d.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
ef79533e643bb11424280d23b8270999c52cc226f409f72e972073f1adad7d2d
-
Size
314KB
-
MD5
afee45b830be9fae35ebda722b801800
-
SHA1
2b49f9ed6ae2b0c36612d2267b58803bab96259e
-
SHA256
ef79533e643bb11424280d23b8270999c52cc226f409f72e972073f1adad7d2d
-
SHA512
d485dff2f4eda2c140e2ee87f3d048c3b78157c82ab746ca1704dcd7c38f67e98b42b6f31137ae6ef84a4c35b3cbe9d012977b62a7a2cd52ee80adfda5597862
-
SSDEEP
6144:PMivKqmiRqbQFI7tjBty1xYtwQYpk0iYCF+lq9177tGKBoudDeklV04E3:0kYbQFI7RPwk00rFekHLE
-
Blackmoon family
-
Detect Blackmoon payload
-
Modifies RDP port number used by Windows
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-