Static task
static1
Behavioral task
behavioral1
Sample
706f3eec328e91ff7f66c8f0a2fb9b556325c153a329a2062dc85879c540839d.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
706f3eec328e91ff7f66c8f0a2fb9b556325c153a329a2062dc85879c540839d.exe
Resource
win10-en-20211014
General
-
Target
706f3eec328e91ff7f66c8f0a2fb9b556325c153a329a2062dc85879c540839d
-
Size
79KB
-
MD5
62a1b4d4b461f4eaae91c70727f71604
-
SHA1
1ced9a7e62aa65faa03eb1ad2bc786e9d9b5f6c2
-
SHA256
706f3eec328e91ff7f66c8f0a2fb9b556325c153a329a2062dc85879c540839d
-
SHA512
d14f989f5f54663c3ea63526a000e8db5d172046e37f412ed47cd31eb14db071b515b854bbb3ab3d2f41f936b6962583aaa0b3ef1236aa2506148813f66ad542
Malware Config
Extracted
blackmatter
2.0
90a881ffa127b004cec6802588fce307
- Username:
[email protected] - Password:
Q7Q"
- Username:
[email protected] - Password:
!$(AYw94+PJ,rX
- Username:
jmiklo@@adroot.newcoop.com - Password:
sanfran85
- Username:
[email protected] - Password:
sanfran85
- Username:
[email protected] - Password:
sanfran85
https://mojobiden.com
http://mojobiden.com
https://nowautomation.com
http://nowautomation.com
-
attempt_auth
true
-
create_mutex
true
-
encrypt_network_shares
true
-
exfiltrate
true
-
mount_volumes
true
Signatures
-
Blackmatter family
Files
-
706f3eec328e91ff7f66c8f0a2fb9b556325c153a329a2062dc85879c540839d.exe windows x86