General

  • Target

    c728e3a0d4a293e44314d663945354427848c220d05d5d87cdedd9995fee3dfe

  • Size

    67KB

  • MD5

    639bb7abbd9bc6a9c275d0bf9555b610

  • SHA1

    e4831da0e8fe5f0a01cd42693e607bc611423c16

  • SHA256

    c728e3a0d4a293e44314d663945354427848c220d05d5d87cdedd9995fee3dfe

  • SHA512

    f01621fab7ba598b80d52675c20d0d4bb4749b91df3298ee1bd6d6d410eb54d091677f85a2d4673eb9dc3d8cff6f4a328735226de0f5a01bd314dbe6d9af92aa

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

bab21ee475b52c0c9eb47d23ec9ba1d1

C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com

Attributes

  • attempt_auth

    false

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

Files

  • c728e3a0d4a293e44314d663945354427848c220d05d5d87cdedd9995fee3dfe
    .dll windows x86