General
-
Target
4b53dbc7eb114c72dc7020bc78d912e131293f6079a7d537e8624d04c0355899.exe
-
Size
1.2MB
-
Sample
250123-gtj26axlem
-
MD5
7f264cc72851fdbcbdef8ea267aedd3d
-
SHA1
fe3af35952ac9bea3831cea965adc544c2662441
-
SHA256
4b53dbc7eb114c72dc7020bc78d912e131293f6079a7d537e8624d04c0355899
-
SHA512
79971812196bfac3b6404acafb25ca76f4c914314042bfc91647dd4a851b200bb4c2e242ceb6c618a0c4cb9474daa041734d9595b7d1cec24df77454042b39a7
-
SSDEEP
3072:gRRHyoBg8zJRAxuU+N6ET/d9ArfCS3VT62FQwiDefNbaSBVpMQRQ8imgCQIqi/ce:gRhoxrn/vmrqaTh2uMnuPea4g/Gcg
Behavioral task
behavioral1
Sample
4b53dbc7eb114c72dc7020bc78d912e131293f6079a7d537e8624d04c0355899.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4b53dbc7eb114c72dc7020bc78d912e131293f6079a7d537e8624d04c0355899.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
4b53dbc7eb114c72dc7020bc78d912e131293f6079a7d537e8624d04c0355899.exe
-
Score
10/10
-
Blackshades family
-
Blackshades payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-