General

Target: bm1.4_contents.zip
Filesize: 51KB
Completed: 01-12-2021 18:24
Task: static1
Password: infected
Score: 10/10

MD5: 11431776599d205ef1f548ae488f54e5
SHA1: 2ad8b930ee352f19d55742962b2fbf4172f14ade
SHA256: 10beea3baa8e587ac078a518c46c90e381df03775c898a94d7c2de45e2bac6d4

SHA512: 4aa8b6d83791857ce1d428647c5d65a883c243cdeea961c888cfbe488c35373e02e3145565442010dc55f5f5a4194fb2a187c6e3e1fd97fb9e920c3c638bc1e9

Malware Config

Extracted

Family: blackmatter
Version: 1.4
Botnet: caa0d21adc7bdc4dc424497512a8f37d

C2:
  https://paymenthacks.com
  http://paymenthacks.com
  https://mojobiden.com
  http://mojobiden.com

Attributes:
  attempt_auth: false
  create_mutex: true
  encrypt_network_shares: true
  exfiltrate: true
  mount_volumes: true
  rsa_pubkey.base64:
  aes.base64:
Signatures (1)


Files

  • bm1.4_contents.zip (extensions: .zip)
  • 0x000100000001ab31-114.dat (extensions: .dll; tags: windows, x86)
  • 0x00030000000152f8-120.dat
  • 2540-119-0x0000000000000000-mapping.dmp
  • 260-121-0x0000000000000000-mapping.dmp
  • 3020-115-0x000000000040EB61-mapping.dmp
  • 3020-116-0x0000000000400000-0x0000000000414000-memory.dmp (extensions: .exe; tags: windows, x86)
  • 3020-117-0x0000000002063000-0x0000000002065000-memory.dmp
  • 3020-118-0x0000000002060000-0x0000000002061000-memory.dmp