General

  • Target

    w1i488c2sdfmss6.exe

  • Size

    71KB

  • MD5

    10aa058a3ac49e016cad7987b8e09886

  • SHA1

    cca6682330a819592c3b1ea0448ceb4e141593dc

  • SHA256

    6d4712df42ad0982041ef0e2e109ab5718b43830f2966bd9207a7fac3af883db

  • SHA512

    f115fb62b1ca5e18f6340d42ff4393e2b175917312ae1cc14e7a6a9322cf8adaf22457bc8213e2baafdc2cb19d5db1e5a9c003155cbf142d5a08604495e22f6e

Malware Config

Extracted

Family

blackmatter

Version

1.6

Botnet

32bd08ad5e5e881aa2634621d611a1a5

Credentials

C2

https://mojobiden.com

http://mojobiden.com

Attributes
  • attempt_auth

    true

  • create_mutex

    false

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

Files

  • w1i488c2sdfmss6.exe
    .exe windows x86