Static task: static1
Behavioral task: behavioral1
Sample: 520bd9ed608c668810971dbd51184c6a29819674280b018dc4027bc38fc42e57.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 520bd9ed608c668810971dbd51184c6a29819674280b018dc4027bc38fc42e57.exe
Resource: win10v20210410
General
Target: 520bd9ed608c668810971dbd51184c6a29819674280b018dc4027bc38fc42e57.exe
Size: 78KB
MD5: 50c4970003a84cab1bf2634631fe39d7
SHA1: 721a749cbd6afcd765e07902c17d5ab949b04e4a
SHA256: 520bd9ed608c668810971dbd51184c6a29819674280b018dc4027bc38fc42e57
SHA512: fb210c92f7d1be9f9361b11dffd30fac78eeaadabf844a78a7dad00169f994d089c1cf4a037d6a1b82fddf35a6bfa34b8cbf216ce1786f407dfc015c72533504
Malware Config
Extracted
blackmatter
2.0
24483508bccfe72e63b26a1233058170
https://mojobiden.com
http://mojobiden.com
attempt_auth: false
create_mutex: true
encrypt_network_shares: true
exfiltrate: true
mount_volumes: true
Signatures
-
BlackMatter 1 IoCs
Quick PoC rule for BlackMatter based on the first few function calls.
resource yara_rule sample BlackMatter -
Blackmatter family
Files
-
520bd9ed608c668810971dbd51184c6a29819674280b018dc4027bc38fc42e57.exe.exe windows x86