General
-
Target
e4a2260bcba8059207fdcc2d59841a8c4ddbe39b6b835feef671bceb95cd232d
-
Size
79KB
-
MD5
5de71f0e1ad0e2c2968153809ffaff05
-
SHA1
f023f314327acd96cd8a0f8e32451b2d2dee61d0
-
SHA256
e4a2260bcba8059207fdcc2d59841a8c4ddbe39b6b835feef671bceb95cd232d
-
SHA512
2fce4fbdf3bc7e0dfa9cc90581c08ea6578522c65891e12359bd464b1ea007006979491b9049e4a20fabd196bf321275cc003d537236c2bd5bf8826f85543c05
Score
10/10
Malware Config
Extracted
Family
blackmatter
Version
2.0
Botnet
e4aaffc36f5d5b7d597455eb6d497df5
Credentials
Protocol: smtp- Port:
587 - Username:
pklages@spectrumfurniture.com - Password:
BBis#1ec
Protocol: smtp- Port:
587 - Username:
BackupExec@spectrumfurniture.com - Password:
k8DbBSZYWWnr0QqrILoo
Protocol: smtp- Port:
587 - Username:
admin@Northwoods.com - Password:
Smokie@CF
C2
https://mojobiden.com
http://mojobiden.com
https://nowautomation.com
http://nowautomation.com
Attributes
-
attempt_auth
true
-
create_mutex
true
-
encrypt_network_shares
true
-
exfiltrate
true
-
mount_volumes
true
rsa_pubkey.base64
aes.base64
Signatures
-
Blackmatter family
Files
-
e4a2260bcba8059207fdcc2d59841a8c4ddbe39b6b835feef671bceb95cd232d