Overview

overview

10

Static

static

10

3.bin.exe

windows7_x64

10

3.bin.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3.bin

  • Size

    67KB

  • MD5

    d0512f2063cbd79fb0f770817cc81ab3

  • SHA1

    e324a2c8fae0d26b12f00ac859340f8d9945a9c1

  • SHA256

    7f6dd0ca03f04b64024e86a72a6d7cfab6abccc2173b85896fc4b431990a5984

  • SHA512

    a62cecdf8887e426332d56914dfe03780402a34896ffe7a3a932986832db7080e599db32bb2113238443750227a50de84ae36c6811993c43b7eee8b1a018d641

Score
10/10
512478c08dada2af19e49808fbda5b0bblackmatter

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

512478c08dada2af19e49808fbda5b0b

Credentials
  • Username:
    aheisler@hhcp.com
  • Password:
    120Heisler
  • Username:
    dsmith@hhcp.com
  • Password:
    Tesla2019
  • Username:
    administrator@hhcp.com
  • Password:
    iteam8**
C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com
Attributes
  • attempt_auth

    true

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

Files

  • 3.bin
    .exe windows x86