General
-
Target
70344ece62a828c46ff315b3328125d8ab5f6902bbeaa24224fee97142ee6ad9.bin
-
Size
80KB
-
Sample
211224-wrfpaadger
-
MD5
5b615cfd2ec6aa4f6242197481fc108b
-
SHA1
fc366c0f83711fed7303b752abf09f2be74e2a15
-
SHA256
70344ece62a828c46ff315b3328125d8ab5f6902bbeaa24224fee97142ee6ad9
-
SHA512
6080fa1e08239533e726cae2420b885627e53a7bbf9fd1fad1d2c861ebdf94262f8540f841a8dfa1956148d7601ec7a4a22ef965a0a7776bbb96e8535c6c30fe
Static task
static1
Behavioral task
behavioral1
Sample
70344ece62a828c46ff315b3328125d8ab5f6902bbeaa24224fee97142ee6ad9.bin.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
70344ece62a828c46ff315b3328125d8ab5f6902bbeaa24224fee97142ee6ad9.bin.dll
Resource
win10-en-20211208
Malware Config
Extracted
blackmatter
2.0
a89e0e2e31db3e31a1e7a9630375f437
https://fluentzip.org
http://fluentzip.org
-
attempt_auth
false
-
create_mutex
true
-
encrypt_network_shares
true
-
exfiltrate
true
-
mount_volumes
true
Targets
-
-
Target
70344ece62a828c46ff315b3328125d8ab5f6902bbeaa24224fee97142ee6ad9.bin
-
Score
5/10
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-