General

  • Target

    86c84c07e27cc8aba129e1cf51215b65c445f178b94f2e8c4c10e6bc110daa94

  • Size

    73KB

  • Sample

    211005-prrcfsaagm

  • MD5

    01aef1c692a50a9d0e0369a58b1516ff

  • SHA1

    8572344f5320d4b9ea4c03c37409210a290540c0

  • SHA256

    86c84c07e27cc8aba129e1cf51215b65c445f178b94f2e8c4c10e6bc110daa94

  • SHA512

    abbd643dfcc25bc68983ff1c572824cfd1a2f44eff3f37c22450041aa2de31bdaace6996c55e2371040f479a9b5364bbcfbc41d6bc48e364a0433bb76e7b6f72

Malware Config

Extracted

Family

blackmatter

Version

1.6

Botnet

0c6ca0532355a106258791f50b66c153

Attributes
  • attempt_auth

    false

  • create_mutex

    false

  • encrypt_network_shares

    false

  • exfiltrate

    false

  • mount_volumes

    true

  • rsa_pubkey.base64

  • aes.base64

Targets

    • Target

      86c84c07e27cc8aba129e1cf51215b65c445f178b94f2e8c4c10e6bc110daa94

    Score
    5/10
    • Suspicious use of NtSetInformationThreadHideFromDebugger
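The one behavioural signature the sandbox raised is a call to NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which detaches the calling thread from any attached debugger. The following is an added example, not the sandbox's own detection code: it runs that check over an API trace in a constructed JSON-lines layout (one call per line with pid, tid, api, args and ret; the field names are assumptions for this example, not a real sandbox export) and reports whether the call targeted the caller's own thread via the NtCurrentThread pseudo-handle and whether the kernel accepted it. A call with a non-zero ThreadInformationLength is rejected by the kernel, so it is reported but marked as not having taken effect.

```python
"""Flag NtSetInformationThread(ThreadHideFromDebugger) calls in an API trace.

Added example; the trace format below is constructed for illustration.
"""
import json

THREAD_HIDE_FROM_DEBUGGER = 0x11   # ThreadInformationClass value used by the sample
NT_CURRENT_THREAD_32 = 0xFFFFFFFE  # (HANDLE)-2 pseudo-handle, 32-bit process view
NT_CURRENT_THREAD_64 = 0xFFFFFFFFFFFFFFFE
STATUS_SUCCESS = 0

# Symbolic class names a trace might emit instead of the raw number (assumed).
CLASS_NAMES = {"ThreadHideFromDebugger": THREAD_HIDE_FROM_DEBUGGER}

# Constructed sample trace: two hide-from-debugger calls (one on the current
# thread that succeeds, one on another thread that fails with a bad length),
# plus two unrelated calls that must not fire.
SAMPLE_TRACE = """\
{"pid": 1234, "tid": 1240, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 17, "ThreadInformation": "0x0", "ThreadInformationLength": 0}, "ret": "0x0"}
{"pid": 1234, "tid": 1240, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0xfffffffe", "ThreadInformationClass": 2, "ThreadInformation": "0x12f000", "ThreadInformationLength": 4}, "ret": "0x0"}
{"pid": 1234, "tid": 1244, "api": "NtQueryInformationProcess", "args": {"ProcessHandle": "0xffffffff", "ProcessInformationClass": 7}, "ret": "0x0"}
{"pid": 1234, "tid": 1248, "api": "NtSetInformationThread", "args": {"ThreadHandle": "0x2a4", "ThreadInformationClass": "ThreadHideFromDebugger", "ThreadInformation": "0x0", "ThreadInformationLength": 4}, "ret": "0xc0000004"}
"""


def _to_int(value):
    """Accept ints, decimal or 0x-prefixed strings, or a known class name."""
    if isinstance(value, bool):
        return None
    if isinstance(value, int):
        return value
    if isinstance(value, str):
        if value in CLASS_NAMES:
            return CLASS_NAMES[value]
        try:
            return int(value, 0)
        except ValueError:
            return None
    return None


def parse_trace(text):
    """Parse one JSON object per non-empty line into a list of call records."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def find_hide_from_debugger(events):
    """Return one record per NtSetInformationThread(ThreadHideFromDebugger) call."""
    hits = []
    for ev in events:
        if ev.get("api") != "NtSetInformationThread":
            continue
        args = ev.get("args", {})
        if _to_int(args.get("ThreadInformationClass")) != THREAD_HIDE_FROM_DEBUGGER:
            continue
        handle = _to_int(args.get("ThreadHandle"))
        length = _to_int(args.get("ThreadInformationLength"))
        status = _to_int(ev.get("ret"))
        hits.append({
            "pid": ev.get("pid"),
            "tid": ev.get("tid"),
            # The common pattern hides the calling thread itself.
            "self_thread": handle in (NT_CURRENT_THREAD_32, NT_CURRENT_THREAD_64),
            # This class takes no buffer; a non-zero length is rejected by the kernel.
            "length_ok": length == 0,
            "succeeded": status == STATUS_SUCCESS,
        })
    return hits


def signature(hits):
    """Mirror the report's wording when at least one such call is present."""
    if not hits:
        return None
    return "Suspicious use of NtSetInformationThreadHideFromDebugger"


if __name__ == "__main__":
    found = find_hide_from_debugger(parse_trace(SAMPLE_TRACE))
    print(signature(found))
    for h in found:
        print(h)
```

Only calls whose status is zero actually hid a thread; a failed call still shows the intent and is worth keeping in the verdict, which is why both are returned and the caller decides how to weight them.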
