2e50eb85f6e271001e69c5733af95c34728893145766066c5ff8708dcc0e43b2.zip

Target

Size

41KB

Sample

211204-hffy1saebr

Score

10 ^/10

MD5

f57a2e95937e7727c82b0782e1cdd0d0

SHA1

570ac30c3c40c62d67ac39e857e840b69908ed16

SHA256

e038bb439a412f1c98d22a9a4726fbe0747a8bbbb48a8d26ac4dcb039f29e53e

SHA512

be171554a26d962445b8a9238abc6faecd2398dc04305730ef44f03418f20971657254f04887c4dbbca87d0a360077cb9e4666747882ba4bdc82e8d567858647

Extracted

Family	blackmatter
Version	2.0
Botnet	e4aaffc36f5d5b7d597455eb6d497df5
Credentials	Protocol: Host: Port: Username: pklages@spectrumfurniture.com Password: BBis#1ec Protocol: Host: Port: Username: BackupExec@spectrumfurniture.com Password: k8DbBSZYWWnr0QqrILoo Protocol: Host: Port: Username: admin@Northwoods.com Password: Smokie@CF
C2	https://mojobiden.com http://mojobiden.com https://nowautomation.com http://nowautomation.com https://mojobiden.com http://mojobiden.com https://nowautomation.com http://nowautomation.com
Attributes	attempt_auth true create_mutex true encrypt_network_shares true exfiltrate true mount_volumes true
rsa_pubkey.base64
aes.base64

Target

2e50eb85f6e271001e69c5733af95c34728893145766066c5ff8708dcc0e43b2.zip

MD5

f57a2e95937e7727c82b0782e1cdd0d0

Filesize

41KB

Score

4^/10

SHA1

570ac30c3c40c62d67ac39e857e840b69908ed16

SHA256

e038bb439a412f1c98d22a9a4726fbe0747a8bbbb48a8d26ac4dcb039f29e53e

SHA512

be171554a26d962445b8a9238abc6faecd2398dc04305730ef44f03418f20971657254f04887c4dbbca87d0a360077cb9e4666747882ba4bdc82e8d567858647

Related Tasks

behavioral1

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

e4aaffc36f5d5b7d597455eb6d497df5 blackmatter

10^/10

behavioral1

4^/10