General

  • Target

    2466fca0e29b06c78ffa8a44193fb58c30e6bec4e54bbef8e6622349b95cce4c

  • Size

    79KB

  • MD5

    f1c260c31b9d3f9ff54a142d508ec602

  • SHA1

    6b25c80e8b2dca94ea6b6a95745a496ec0bcabd3

  • SHA256

    2466fca0e29b06c78ffa8a44193fb58c30e6bec4e54bbef8e6622349b95cce4c

  • SHA512

    9412a185d008ded02e2061cd4e998222071923f6260ecdcc9a3f1969ea2aa89a9493866e13450d82b8ab390ec78b24d7ba82a6e2618d11cf27d67f43a7d39d6a

Malware Config

Extracted

  • Family

    blackmatter

  • Version

    1.9

  • Botnet

    28cc82fd466e0d0976a6359f264775a8

  • C2

    https://mojobiden.com

    http://mojobiden.com

Attributes
  • attempt_auth

    false

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

Files

  • 2466fca0e29b06c78ffa8a44193fb58c30e6bec4e54bbef8e6622349b95cce4c
    .exe windows x86