General

  • Target

    e9b24041847844a5d57b033bf0b41dc637eba7664acfb43da5db635ae920a1b4

  • Size

    79KB

  • Sample

    211005-mjr8nshfa9

  • MD5

    936593e1ba2e1fefc78389ed40ab9d9a

  • SHA1

    dce566c765b39bca870e374c7f973b432a633fb3

  • SHA256

    e9b24041847844a5d57b033bf0b41dc637eba7664acfb43da5db635ae920a1b4

  • SHA512

    21d3f5f00be88041ee4839a776ed8e7428bcb1e8172d4c4f9af2a7b782c3f89fc4dd57402dbf77d24664b8a99d2d330dc8b231d9d7037564bbc9276c49633017

Malware Config

Extracted

Family

blackmatter

Version

2.0

Botnet

14a875a2bd63041b2b3e5c323e8d5eee

Credentials

  • Protocol: smtp; Port: 587; Username: it_lw@corp.group.local; Password: Voyager1701!!!
  • Protocol: smtp; Port: 587; Username: it_ci@corp.group.local; Password: HereGoes321
  • Protocol: smtp; Port: 587; Username: svc_netwrix@corp.group.local; Password: QApassw0rd
  • Protocol: smtp; Port: 587; Username: it_pl@corp.group.local; Password: Aug21!!!
  • Protocol: smtp; Port: 587; Username: IT_JJ2@corp.group.local; Password: Glasgow0315
  • Protocol: smtp; Port: 587; Username: it_ng@corp.group.local; Password: Eleanor22
  • Protocol: smtp; Port: 587; Username: it_jj@corp.group.local; Password: Glasgow0315

C2

https://mojobiden.com

http://mojobiden.com

https://nowautomation.com

http://nowautomation.com

Attributes

  • attempt_auth

    true

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Targets

    • Target

      e9b24041847844a5d57b033bf0b41dc637eba7664acfb43da5db635ae920a1b4

    Score
    3/10
