General
-
Target
bm1.4_contents.zip
-
Size
51KB
-
Sample
211201-w2bhbahhg3
-
MD5
11431776599d205ef1f548ae488f54e5
-
SHA1
2ad8b930ee352f19d55742962b2fbf4172f14ade
-
SHA256
10beea3baa8e587ac078a518c46c90e381df03775c898a94d7c2de45e2bac6d4
-
SHA512
4aa8b6d83791857ce1d428647c5d65a883c243cdeea961c888cfbe488c35373e02e3145565442010dc55f5f5a4194fb2a187c6e3e1fd97fb9e920c3c638bc1e9
Static task
static1
Behavioral task
behavioral1
Sample
0x000100000001ab31-114.dat.dll
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
0x000100000001ab31-114.dat.dll
Resource
win10-en-20211104
Behavioral task
behavioral3
Sample
3020-116-0x0000000000400000-0x0000000000414000-memory.dmp.exe
Resource
win7-en-20211104
Behavioral task
behavioral4
Sample
3020-116-0x0000000000400000-0x0000000000414000-memory.dmp.exe
Resource
win10-en-20211014
Malware Config
Extracted
Family: blackmatter
Version: 1.4
caa0d21adc7bdc4dc424497512a8f37d
https://paymenthacks.com
http://paymenthacks.com
https://mojobiden.com
http://mojobiden.com
-
attempt_auth
false
-
create_mutex
true
-
encrypt_network_shares
true
-
exfiltrate
true
-
mount_volumes
true
Targets
-
-
Target
0x000100000001ab31-114.dat
-
Size
11KB
-
MD5
fccff8cb7a1067e23fd2e2b63971a8e1
-
SHA1
30e2a9e137c1223a78a0f7b0bf96a1c361976d91
-
SHA256
6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
-
SHA512
f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
Score: 3/10
-
-
Target
3020-116-0x0000000000400000-0x0000000000414000-memory.dmp
-
Size
80KB
-
MD5
01408ac403b5c33f965f650534f81a90
-
SHA1
a1a23e1978fd58c9189817cca50163b06618b3bf
-
SHA256
f6b73646a1f1e97dacae54aa9a294eb12c19a3fe5c4ed578787b55eaac3c8ac9
-
SHA512
add8587516e42cced4466497322026408b6fe10a24c2c78feaf03210879a02b5ca92193e69ec5b445da485246872854a0d966373b9963b1a5adfac5834134404
Score: 3/10